Referrer check to restrict direct file access - javascript

Posted on 2009-04-03
Medium Priority
Last Modified: 2012-06-22
I need a simple javascript I can put in the top of my HTML page to check the referrer, and show/hide the page.  I know this isn't the most secure resolution, but I only need it as a temp solution.

For example, I only want to allow access from two domains (domain1.com and domain2.com).  

Site users will be coming from inside an application to this static HTML page, so the referrer will be correct and will allow it to be viewed.  I want to DISSALLOW access by direct URL, which would lack the correct referrer.

I can't post any page code due to NDA  :(

Thanks for your help!
Question by:northlandadv
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
LVL 75

Expert Comment

by:Michel Plungjan
ID: 24063028
if (document.referrer.indexOf('domain1') == -1 and document.referrer.indexOf('domain2') == -1) {
  document.write('<style>* { display:none }</style>')


if (document.referrer.indexOf('domain1') == -1 and document.referrer.indexOf('domain2') == -1) {

Author Comment

ID: 24063047
Hey Thanks!  I'll give it a shot..

Accepted Solution

northlandadv earned 0 total points
ID: 24119073
I was never able to get this to work  :(   I ended up just using the htacess in the end, since it was less hassle.  Thanks anyway.

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Article by: DanRollins
This article describes a JavaScript program that creates a maze made of hexagonal cells.  In Part 2 (http://www.experts-exchange.com/Programming/Languages/Scripting/JavaScript/A_7850-Hex-Maze-Part-2.html), we'll extend the program by adding a depth-…
Nothing in an HTTP request can be trusted, including HTTP headers and form data.  A form token is a tool that can be used to guard against request forgeries (CSRF).  This article shows an improved approach to form tokens, making it more difficult to…
The viewer will learn the basics of jQuery, including how to invoke it on a web page. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery.: (CODE)
The viewer will learn the basics of jQuery including how to code hide show and toggles. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery…
Suggested Courses

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question