0

I want to restrict users from directly opening my site (somewhat funny but that is the scenario).

The user should first go to another site, login there and then only can they be allow to redirect to my site from that site only.

I tried to access Request Object in below method but it is throwing an exception:

 protected void Application_Start()
        {
            AreaRegistration.RegisterAllAreas();
            RegisterRoutes(RouteTable.Routes);
        }

My site is in MVC2 C#

There is no session, login on my site

Thanks in advance

d.Siva
  • 1,140
  • 3
  • 20
  • 42

1 Answers1

1

You can use the referer for this. However, as this is a http variable, it is absolutely not fail-proof. It depends on the browser whether or not it is sent, and it is fairly easy to modify by using a tool like Tamper Data. I would not recommend depending on the referer for this purpose.

If you also manage the other site the users are redirected from, you could generate some kind of hash, and send it with the url as a request parameter. When the hash is correct, the user is welcome.

Community
  • 1
  • 1
Jesse van Assen
  • 2,240
  • 2
  • 16
  • 19
  • i tried Request.UrlReferrer.AbsolutePath and Request.UrlReferrer but it has only application scope it is not working when i am coming from other application/URL – d.Siva Apr 04 '12 at 12:19
  • As I said, it is dependent upon the browser whether it sends the includes the referer or not. When I create a new html file with a link and run it from my local machine, without a server, the referer isn't included, but when I put it on a server it is. If you are testing this way, you probably won't see it either. Try creating a link to your application (localhost is ok) at http://www.jsfiddle.net or something like it for quick testing on a server. – Jesse van Assen Apr 04 '12 at 12:34