security problem

Results 1 to 6 of 6

Thread: security problem

  1. #1
    ASP Developer Guest

    Default security problem

    im writing this web base application that logs on a user with their username and password. how do i keep from storing all the viewed pages in their history? someone could just walk right in,open a valid user&#039s history file and login! ive tried everything from meta experation dates,to deleting the cache,to playing around with the history object. and made all the links window.location.replace(URL). anyone have any suggestions??

  2. #2
    dropkickFreddy Guest

    Default RE: security problem

    I don&#039t recommend playing around too much with those meta experation dates, especially if you don&#039t really know much about them. I presume you don&#039t know much about them, AM I RIGHT.

  3. #3
    C3PO Guest

    Default RE: security problem

    At top of page ....<BR><BR>&#060;% response.expires = -1 %&#062;<BR><BR>(I think????????)<BR>HTH

  4. #4
    ASP Developer Guest

    Default RE: security problem

    actually, i know quite a bit about them. i did that as a suggestion of another developer as a possible solution. it didnt work. but really,whats your point? you never even answered or addressed my quetion....

  5. #5
    ASP Developer Guest

    Default RE: security problem..still need help

    hmm...ok,thats an idea. but how is setting the expiration time of the server side response going to solve the history prob?

  6. #6
    Join Date
    Dec 1969

    Default RE: security problem..still need help

    You could just use this after the user successfully logs in. <BR>Session("loggedIn") = "yes"<BR>Now, on each page that you only want accessible to a valid logged in person put this<BR>if (Session("loggedIn") &#060;&#062; "") then<BR> &#039show them the page<BR>else<BR> &#039send them to the login screen<BR>end if<BR>Now anyone snooping in the history folder will be denied access.<BR><BR>

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts