Snitz Forums 2000
Snitz Forums 2000
Home | Profile | Register | Active Topics | Members | Search | FAQ
Username:
 Password:
Save Password
Forgot your Password?

 All Forums
 Snitz Forums 2000 DEV-Group
 DEV Discussions (General)
 possible solution to firewall problems		  New Topic  Topic Locked
 Printer Friendly
Author Previous Topic Topic Next Topic  

Nikkol
Forum Moderator

USA
6907 Posts
Posted - 17 October 2002 :  18:29:20  Show Profile
Seeing as their are a growing number of users that are experiencing difficulties with firewalls... Norton's, ZoneAlarm, etc....it got me thinking. Is the only reason they are having problems is because it blocks the http_referer? Could we instead check the value of the form submit button and the session id of the user (passed in a hidden field from the form) to achieve the same effect?
Nikkol ~ Help Us Help You | ReadMe | 3.4.03 fixes | security fixes ~

work mule
Senior Member

USA
1358 Posts
Posted - 17 October 2002 :  23:54:45  Show Profile
The referer is the problem between the policy.asp page and register.asp. It checks to see if the refer is policy.asp and if not, then it redirects back to it. It could simply be a matter of including the scriptname in a hidden field on policy.asp and checking for that value.

One possible issue with relying on sessions is that if the session timeout is low, it might expire on people who actually read the information on that page.

For instances where you rely on the refer, code in the current location (scriptname) into the querystring. Pages with links to policy.asp could include the scriptname of that page in the querystring.

Searching for: policy.asp
active_users.asp(354): case "policy.asp"
inc_func_common.asp(1628): Case "policy.asp"
inc_header.asp(174): if not Instr(strScriptName,"policy.asp") > 0 and _
inc_header.asp(342): not(Instr(Request.ServerVariables("Path_Info"), "policy.asp") > 0) and _
inc_header.asp(370): Response.Write " <td><font face=""" & strDefaultFontFace & """ size=""1"" color=""" & strHiLiteFontColor & """>Please <a href=""policy.asp"" tabindex=""-1"">register</a> to post in these Forums</font></td>" & vbNewLine
inc_header.asp(529): " <a href=""policy.asp""" & dWStatus("Register to post to our forum...") & " tabindex=""-1""><acronym title=""Register to post to our forum..."">Register</acronym></a>" & vbNewline
inc_login.asp(90): Response.Write "<acronym title=""Click here to register.""><span class=""spnMessageText""><a href=""" & strForumURL & "policy.asp""" & dWStatus("Click here to register.") & ">Register Here!</a></span></acronymn></font></td>" & vbNewLine
login.asp(144): Response.Write "<acronym title=""Click here to register.""><span class=""spnMessageText""><a href=""policy.asp""" & dWStatus("Click here to register.") & ">Register Here!</a></span></acronymn></font></td>" & vbNewLine
pop_profile.asp(80): Response.Write "If this is your account, <a href=""policy.asp"">click here</a> to register.</font></p>" & vbNewLine
pop_profile.asp(775): Response.Write " If you have not registered then <a href=""policy.asp"">do so here</a>.</font></center></p>" & vbNewLine
post.asp(321): Msg = Msg & "To register, <a href=""policy.asp"">click here</a>. Registration is FREE!<br />"
post.asp(328): Msg = Msg & "To register, <a href=""policy.asp"">click here</a>. Registration is FREE!<br />"
register.asp(62): if InStr(Request.ServerVariables("HTTP_REFERER"), "policy.asp") = 0 then
register.asp(63): Response.Redirect("policy.asp")
topic.asp(1114): " <font color=""" & strForumFontColor & """ face=""" & strDefaultFontFace & """ size=""" & strFooterFontSize & """><b>Who Can Vote?</b> Only Members can vote. You need to <a href=""policy.asp"">register</a> or be logged in to vote.</font>" & vbNewLine
Found 15 occurrence(s) in 9 file(s)
Edited by - work mule on 17 October 2002 23:55:56
Go to Top of Page
  Previous Topic Topic Next Topic  
 New Topic  Topic Locked
 Printer Friendly
Jump To:
Snitz Forums 2000 © 2000-2021 Snitz™ Communications Go To Top Of Page
This page was generated in 0.15 seconds. Powered By: Snitz Forums 2000 Version 3.4.07