Basic ASP Question, Please Help

Results 1 to 2 of 2

Thread: Basic ASP Question, Please Help

  1. #1
    Join Date
    Dec 1969

    Default Basic ASP Question, Please Help

    I have a site that has info i woul like to protect. I have a login page of course. Also, All the other pages have an include file which checks "HTTP_Referer", to make sure that the user is coming from the http://ip/virtual directory. How secure is this method. Is "HTTP_Referer" easy to defeat. Are there other methods I should use. Some of my pages are in, but I could not get cookies to work for those.

  2. #2
    Join Date
    Dec 1969

    Default If you aren't using HTTPS...

    ...instead of HTTP, then *ANYTHING* that depends on the browser returning info--such as cookie values, such as HTTP_Referer, such as anything sent in the HTTP headers--is subject to spoofing if the user has a sophisticated enough spoofing program.<BR><BR>As for the other: There are several articles on mixing ASP and ASP.NET pages floating around. Do a Google search and see what you find.<BR><BR>

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts