struts-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From <George.Dinwid...@wellsfargo.com>
Subject RE: Browser History by HTTP-REFERER
Date Thu, 03 Aug 2006 14:45:54 GMT
Do you realize that browsers are not required to send a Referer header?
And that many proxies strip out such a header?

You will have far better success if you create a robust application that
can do the correct thing even if URLs are received out of the expected
order.  Trying to hamstring the browser is an exercise in futility.

> -----Original Message-----
> From: Raghuveer [mailto:raghuveerv@infotechsw.com] 
> Sent: Thursday, August 03, 2006 9:37 AM
> To: user@struts.apache.org
> Subject: Browser History by HTTP-REFERER
> 
> 
> 
> In my Struts Web application
> i need to restict the user accessing pages from Browser 
> History. When i access any page from Browser History i get 
> http-referer=null
> 
> So,
> I am checking this by below code on Server side in All my 
> execute method in Struts Action File . 
> if(request.getHeader("REFERER")==null){
> 
> throw new Exception("Invalid operation");
>   }
> 
> Is this Correct way of handling ?
> 
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> For additional commands, e-mail: user-help@struts.apache.org
> 
> 

---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org


Mime
View raw message