Posted on 2003-11-24
I have an Asp page test.asp for which one parameter needs to be passed for eg id=2 so to access the page in correct way the URL would be xyz.com/test.asp?id=2 Now the ID can be 2,3,4 etc ect It is generated dynamically.I dont want users to modify the ID in the address bar hence I am checking whether request.serverVariable("HTTP_REFERER")<>"" and if it is <>"" then I am processing the page.
I am mailing the link xyz.com/test.asp?id=2 to the customer so if the users have hotmail account,yahoo account or for that matter any web based email account and the customer clicks on the above link the value returned by request.serverVariable("HTTP_REFERER") is not null (unless the customer modifies the ID in the address bar intentionally) .But if the customer has an exchange account for eg if my email lands in outlook express ot microsoft outlook then the value returned by request.serverVariable("HTTP_REFERER") is null even thought the customer dint play with the the id in the Address bar . I dont want that to hapen .
Is there any solution to this problem Or is there any other alternative way?
Thanks for help