How to get previous page url?
senario, user might come form google, yahoo, bing.
how to know where they come from?
i try using Request.UrlReferrer
but it returns a null value.
thanks for advice.
I am using ASP.NET webform, C#.
Update
I have a website running.
I just want to know that from where do they come from when the user visited my website.
What you're describing is the Referer HTTP header (originally a misspelling of "Referrer" that we're now stuck with). Browsers populate this field with the URI of any webpage that caused a user to navigate to a new page (such as by clicking an <a> hyperlink, a <form> submission, an action in a Flash object, etc). Not every user action will cause the header to be set, such as if an address is typed directly into the address bar, or if a link is opened in a desktop email messages.
Under ASP.NET this header is accessible by the Request.UrlReferrer property. However this property will be null if the HTTP header value is not a URI or if the field was not set by the client UA.
You must never depend on this mechanism because it is set by the client, and you must never trust the client ( http://en.wikipedia.org/wiki/Defensive_programming ). And as stated, not all visitors will have the Referer header set.
Related
I have a solution with two ASP.NET Core MVC projects. One project (Client) is making a request to the other (Server) using HttpClient. When the action in Server receives the request, I want to get the URL of the thing that sent it. Every article I have read purports Request.Headers["Referer"] as the solution, but in my case Headers does not contain a "referer" key (or "referrer").
When receiving the request in Server, how should I find the URL of the Client that sent it?
That is how you you get the referring url for a request. But the referer isn't the thing that sent the request. The referer gets set in the headers by the browser when a person clicks on a link from one website to go to another website. When that request is made by the browser to the new website the request will typically have the Referer header which will contain the url of the prior website.
The receiving server can't get the url of the "client" making the request, remember a typical web browser client isn't at any url. All the receiving server can get is the IP address of the client typically.
Since you have control of the client software, if you wanted you could have the client put whatever info you want in the header of the request before it's sent to the server and the server could then get that info out of the header.
If you're using HttpClient, then it is up to the site making the request to add that header. It isn't added automatically in this case. So: change the code - or request that the code is changed - so as to add the header and value that you expect. If you are proxying through a request, you might get the value from the current request's Referer header, and add that.
Even in the general case of a browser making the request as part of a normal page cycle, you can't rely on it: the Referer header is often deliberately not sent; depending on the browser version, configuration, whether you're going between different domains, whether it is HTTPS or not, and rel markers on a <a href=... such as "noreferrer".
Currently I'm trying to get the current URL that is shown in the browser.
If I use
Request.Path
I get https://this.website.com:443/Default.aspx which is technically correct.
However the URL displayed in the browser itself is https://this.website.com/.
Using any of the Request options still will show Default.aspx.
I need to ultimately detect wether or not the url in the browser is https://this.website.com or http://this.website.com/Default.aspx and then redirect to Default.aspx if it's not there.
Btw complicating things more is the https redirect in my web.config.
You can get it from the request in the httpcontext.
HttpContext.Current.Request.Url
Updated:
If you want to tell wether the current url is / or /default.aspx. You can use the RawUrl property of the request. This field will contain the whole url.
HttpContext.Current.Request.RawUrl
I am using server.transfer() method in my asp.net application to redirect the response. But I am running into the problem that it sets the previous page url (from where the original request for page was generated) at the browser url bar. I want to change the url in the browser. is it even possible??
I looked into it and i know that the Request has a url property but its read only. does any one know a way to change the url in the request?
Use Response.Redirect(); instead of server.transfer(); and it redirects in the browser.
If you can't do taht, you could use pushState (at least where it's aviable) to change the URL, but it seems a bit of a overkill...
The best way is clearly to change
server.transfer();
to
Response.Redirect();
EDIT
as you want to have the maximum performance, you could should use Response.Redirect with two parameters, and set the second to true.
so instead of
server.transfer(url);
you should have
to
Response.Redirect(url, true);
That causes the current request to abort and force a instant redirect.
Description
You can't change the Url of the Current request because it is already running.
I think you want to do a redirect.
The Redirect method causes the browser to redirect the client to a different URL.
Sample
Response.Redirect("<theNewUrl>");
Update
If you want to change the Url in the Browsers Address Bar without doing a requestion read this:
Can I change the URL string in the address bar using javascript
More Information
MSDN - Response.Redirect Method
Server.Transfer() is just changeing which content you send back.
Response.Redirect() is what you need to tell the browser to go to a new page
You cannot change the URL of a request - it would make no sense, the URL is what your client (the browser) has asked for.
No, you cannot change the URL in the browser like that. That would be a pretty massive security hole if you were able to do that. http://EvilDomain.com would be able to seamlessly masquerade as http://YourOnlineBank.com and no one would be any the wiser.
I am working on a "A proxy site" all the code is ready but i have a problem, when a user enters the url directly into my site it gets processed and loads from the proxysite but I if he clicks a hyperlink it from the website and not from mine, what i need is a way of how i can redirect the url through my site, is it possible ?
eg:
Foxyproxy when you enter www.google.com it loads the site through it, and when you search something it still loads the result page through foxyproxy, what i cant do is load the result page or any other sub-page through my site.
Thanks and Regards :)
You will need to read the entire response from third-party external site and replace all links, header Locations, and other external URLs with your proxy site URL appending the original URL as a URL parameter (or however you get the requested page from the HTTP request: GET param, URL routing, etc.). Then send the modified result to the client.
One of our application will be run in an iframe, inside salesforce and I'm having troubles with accessing the referer. They'd like us to do some referer checks, to make sure the request is coming from salesforce and we've been given the IP addresses to check against.
My problem is that anytime I try to access the referer through either of the following two methods:
HttpContext.Current.Request.ServerVariables["HTTP_REFERER"]
HttpContext.Current.Request.UrlReferrer
it returns me null.
Any ideas how could I get hold of the referer?
PS: I'm aware that you can spoof the referer, but it's part of the requirement.
If I understand the question correctly you have client sites that refer to your site by embedding IFrames in their webpages the point to your site. You wish to "ensure" that the requests are coming from host page which itself is part of a designated set of sites. The set of designated sites is described by a set of IP addresses. Does that cover it?
Tricky. First off lets assume you've got a referer. You will need to aquire the host name from it (easy enough using the Uri type). Then you need to resolve the IP address for the host name using DNS (again not too difficult with .NET framework).
Of course you need to get a referer and that is the trickiest bit. Browsers do not always place a referer header in the request. This is especially true when the referee address is not in the same domain as the referer, which is the case here. IOW, this is a showstopper.
A better approach to solving this problem (and is not prone to spoofing) is to use some hash based authentication. Doesn't have to be too sophisticated (if the original requirements felt the referer testing was sufficient anyway).
A referrer is only there if the page was requested through a link. When a page is opened say from the address bar in a browser by typing in the address directly (or in your case y setting the src. of the IFRAME), the referrer will be empty.