How to know the previous URL that has loaded a new page?

dimensionav
dimensionav used Ask the Experts™
on
HI

I need to get the URL from which a page was loaded, in order to avoid loading pages with just typing its URL directly to a browser.

Any recommendations would be helpful.

Regards.
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®

Commented:
How are you getting to the new page, are you clicking hyperlinks in these other pages, making form posts?

Author

Commented:
are you clicking hyperlinks in these other pages, making form posts? <--- yes, indeed.
Commented:
If you are doing form posts directly from one page to another you could use the IsPostBack property of the page.  IsPostBack = true any time the page was hit via a POST action as opposed to a GET action.  Hyperlink clicks result in a GET action, just like typing in the address bar.

You can of course get the previous url via Request.ServerVariables("HTTP_REFERER")  if you type in the address bar, etc the value will be blank, otherwise you'll have the URL of the page you came from, regardless of how you got there.
HTML5 and CSS3 Fundamentals

Build a website from the ground up by first learning the fundamentals of HTML5 and CSS3, the two popular programming languages used to present content online. HTML deals with fonts, colors, graphics, and hyperlinks, while CSS describes how HTML elements are to be displayed.

Author

Commented:
jamesrh:

I  am using the following code, but when I type the URL directly I got an object reference error. Is any way to avoid it?

Thanks!
    Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs)
 
        If Not IsNothing(Request.ServerVariables("HTTP_REFERER").ToString) Then
            If CurrentSession.SesionActiva = False Then
                rowDescuento.Visible = False
                rowCondiciones.Visible = False
            Else
                If String.IsNullOrEmpty(CurrentSession.IdEmpleadoFarrera) Then
                    rowDescuento.Visible = False
                    rowCondiciones.Visible = False
                Else
                    rowDescuento.Visible = True
                    rowCondiciones.Visible = True
                End If
            End If
    
        Else
            Response.Redirect("shoppingcart.aspx")
        End If
 
    End Sub

Open in new window

Commented:
You can use Request.UrlReferrer.ToString()


eg URL Refer - http://192.168.1.20/eTFS/(S(fix0sx55gf4iwleagzdf5555))/MemberDetails.aspx?xieehqrn33nkmk45ux15ap3r=22668 

Using below code snippet will give MemberDetails.aspx

If Not Request.UrlReferrer.ToString() = Nothing Then
                    Dim URL As String = Request.UrlReferrer.ToString()
                    Dim Index As Integer = URL.LastIndexOf("/")
                    URL = Right(URL, URL.Length - Index - 1)
                    Index = URL.LastIndexOf("?")
                    If Index = "-1" Then
 
                    Else
                        URL = Left(URL, Index)
                    End If
                    If URL = "MemberDetails.aspx" Then
                        LoadMemberDetials()
                        btn_goBack.Visible = True
                    End If
                End If

Open in new window

Commented:
>  in order to avoid loading pages with just typing its URL directly to a browser

Don't trust this for your security. The http-referrer can easily be fabricated and also some browser extensions/add-ons wil remove the http_referrer from browser requests. The referrer is not required for normal functioning of the http-protocol.

Anyway: it is a silly way of thinking. Like having a one-way-street, but not telling so until people have reached the end of the street.

Author

Commented:
The idea is to protect the checkout page of a shoppingcart, I don´t want that users got into some pages directly.

I been having the issue in which users store in my favorites the checkout balance, I don´t know why but they try to go there later, so you can imagine the problem.

Regards.

Commented:
>but they try to go there later, so you can imagine the problem.

I can not imagine the problem.  When they are not logged in, they have no shopping cart and the page should make that clear.

Author

Commented:
Some users are really creative, I have had the situation that they are logged in and after that they use favorites to get to specific page ( I couldn´t believe it until I watched it)

Perhaps I should include some kind of code in the session in order to avoid this, what do you think?

Regards.

Commented:
Of course you need session. A shopping cart should be linked to a session.

Commented:
I would also recommend using a session to prevent this from occurring.

Author

Commented:
Actually I am using a session object, but I don´t have any code in the On_Load event, handling the requests coming from other pages.

That´s the idea on this posted question.

Thanks.

Commented:
Sorry I didn't mean just have sessions turned on, but to store shopping cart id, etc in them so that pulling a URL from the favorites would just cause an invalid page.  I assume the issue is that there are QueryString values in these old URLS that are causing the code to display invalid data?

Author

Commented:
Actually there aren´t querystrings, I was trying to implement your solution with Request.ServerVariables("HTTP_REFERER"), but considering the importance of security perhaps I should use querystrings, do you recommend them for shopping cart and sessions pages ?

Regards

P.D. I have attached an image with the error when users want to go directly from stored URL
-060.jpg
Commented:
If Not IsNothing(Request.ServerVariables("HTTP_REFERER")) Then

It is the ToString that is causing the error.  When the referrer is empty trying to convert to string doesn't work.

QueryStrings in general don't provide more security, but session variables can.  If you are primarily interested in preventing people from going back to the checkout page from history there are a couple of things you can do.  One is to make sure that you recalculate the data on the page each time from the current cart data.  Two is to make sure that client-side caching is disabled.  If you do these 2 things the page should never be able to display out of date data.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial