Solved

how to protect page display using cookies?

Posted on 2000-04-24
4
214 Views
Last Modified: 2006-11-17
Hi guys,

I have a login page, responselogin page and logout page. How can I do to delete cookies from my computer so that next time user cannot go to previous page without login the id and password even he/she press the previous button in their browser. This is very important to protect the page from unaouthorize user.

TQ
0
Comment
Question by:zamirjalil
  • 2
4 Comments
 
LVL 4

Expert Comment

by:fruey
ID: 2743092
Best thing to do is to disable cookies.

In IE - Internet Options.. Security... Custom
then disable cookies that are stored on your computer, and once-per-session cookies, OR
just disable stored cookies and close your browser fully before letting anyone else use it

In Netscape - Edit... Preferences.. Advanced and disable cookies.

You can also delete cookies by clearing your cache manually. Cookies are usually easy to find in Windows Explorer in your browser cache folder, and can be deleted manually.

From a programming point of view, if you want to write a cookie just for the session, so that it isn't stored on the computer, you can do this by not setting an expiry date. That way it will only last until the end of the session. You could give your user a dialog box like "Close your browser before anyone else uses the computer" as a security tip.
0
 

Expert Comment

by:deepaktyagi
ID: 2743229
you can do one thing when you go to the next page
<a href="javascript:locations.replace(your nextpage address)"></a>

This will not allow the user to go back by using back button.
This is for netscape.
0
 

Accepted Solution

by:
deepaktyagi earned 5 total points
ID: 2743230
you can do one thing when you go to the next page
<a href="javascript:locations.replace(your nextpage address)"></a>

This will not allow the user to go back by using back button.
This is for netscape.
0
 

Expert Comment

by:avidahake
ID: 2743246
you can check from which page he is accessing login page using
'Request.ServerVariables("HTTP_REFERER")
you can check like

if Request.ServerVariables("HTTP_REFERER") = "your password page's URL" then
    allow him to proceed
else
   redirect him to password page
end if

I think this will solve your problem


Avinash.
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Hello, all! I just recently started using Microsoft's IIS 7.5 within Windows 7, as I just downloaded and installed the 90 day trial of Windows 7. (Got to love Microsoft for allowing 90 days) The main reason for downloading and testing Windows 7 is t…
Have you ever needed to get an ASP script to wait for a while? I have, just to let something else happen. Or in my case, to allow other stuff to happen while I was murdering my MySQL database with an update. The Original Issue This was written…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…
I've attached the XLSM Excel spreadsheet I used in the video and also text files containing the macros used below. https://filedb.experts-exchange.com/incoming/2017/03_w12/1151775/Permutations.txt https://filedb.experts-exchange.com/incoming/201…

832 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question