开发者

How to prevent copy of URL in Parent Window

问答 作者:

In my application I am opening my application page in a Child Window. When I look these in IE, It doesnt show any URL this is great but When I check it in Firefox and Chrome I shows me URL.

My Question is Can I hide address bar in Child Window for Firefox and chrome.

I want to prevent User to copy paste URL in Parent window and access the page.

I m using form Authentication

<authentication mode="Forms">
        <forms loginUrl="~/login.aspx" protection="All" timeout="3600" name=".ASPXAUTH" path="/" requireSSL="false" slidingExpiration="true" cookieless="UseUri" enableCrossAppRedirects="false"/>
    </authentication>

I have tried using Authorization="?" I have tried using a javascript to check whether this is a parent window or child window.

开发者_运维知识库 
<script type="text/javascript">
        if (typeof window.opener != "undefined")
            alert("I was opened from within " + window.opener.location.href);
        else if (window != top)
            alert("You came here from " + document.referrer);
</script>

But the 2nd part is not working. Kindly Help me and let me know what I m doing wrong

Instead of preventing user to copy paste url what u can do is u can put some script, that can runs only when a request is made else it will do the action that you want.

 string referer = Request.ServerVariables["HTTP_REFERER"];
        if (string.IsNullOrEmpty(referer))
        {
            Response.Redirect("../Index.htm");
        }

Use runs page only if request is coming from a page else it will redirect to the desired page

No You cannot hide the url if you open a new window. If the page is from the same domain, you can instead AJAX the result into a popup DIV on your current page.

That said - anyone with a tiny bit of web savvy, can find the URL anyway.

For example in Chrome I do not even have to install anything, just click "Inspect Element" hit the NET tab and see the url as it is loaded from whereever.

If I understood what you want right, the only way is after the use logs in, (since you have a login form), save a boolean in the session state that indicates that the user is authenticated, then in the page you want to hide it's url, at the page_load event, check if this boolean is true, this way you can limit access to this url without needing to hide the url.

继续阅读:.netasp.netjavascript

更多精彩内容

0

上一篇:

下一篇:

精彩评论

暂无评论...
登录 注册
Qedev.com
验证码 换一张
取 消

最新问答

问答排行榜

法律声明:本站内容均为网友上传,网站举办方负责审核和监督,

如存在版权或非法内容,欢迎举报,我们将尽快予以删除。

Copyright © 2018-2020 开发者. All rights reserved.

Powered by 开发者

ICP备案号: 京ICP备10032868号-9