I think the title isn't clear enough because I didn't know how to ask it.
What I'm doing is requesting general handler using ajax and I want to know the current url of the page, I think I can use javascript method to get the current url and send it with the request as parameter, but the problem is that the user can change the url before clicking the button and sending the request so I'll never knew if this is the real url.
Any idea how can I do it ?
Many thanks
I think that the safest way is to get it from the server-side. You can use this.Request.UrlReferrer to get this information.
I think window.location.href is always the real url.
Related
Is it possible for me to scrape the data from the pop up appears after clicking the link.the website is https://ngodarpan.gov.in/index.php/home/statewise_ngo/61/35
Of course it's possible, it's just a table with pagination.
But you'd better check the legal part before scraping a website, moreover on a governmental one.
Yes, you have to follow exactly what browser does. See network behaviour from your browser.
First, you have to send request to https://ngodarpan.gov.in/index.php/ajaxcontroller/get_csrf in order to get token like this :{"csrf_token":"0d1c59184c7df788dc4b8759f6da40c6"}
After, send another POST request to https://ngodarpan.gov.in/index.php/ajaxcontroller/show_ngo_info. As parameters you have to mention csrf_test_name which which is equals to csrf_token and id which is found from onclick attribute of each link.
You will get JSON as response and just to parse it as you need.
i heard that , if your asp.net page is inside a iframe, and u want to get the parent url, you can achieve this by using the referrer?
i tested is okay, and found that the window parent url will included in the referrer when called the iframe content
Request.UrlReferrer.ToString();
Assume that i can only use server side to achieve
I just want to ask is that way safe?
Any chance to lost the referrer url in this case
The browser is not guaranteed to send the referer. It's all up to the browser/configuration/extensions/proxies and whatnot between the request and your server.
If the user navigates to a different page within the iframe, the referer will point to whatever the user came from.
All in all, never use the referer for any logic that may fail if it's not there or if it has an unexpected value.
You can do this but it is not entirely in ASP.Net.
You would have to get the referrer from Javascript and pass that to the iFrame.
One of the 2 following calls would be what you are looking for.
top.document.referrer
or
parent.document.referrer
Is there a way to set pages to expire in ASP Classic so that the user can't hit back and re-do anything?
Is this a good practice?
If you force the page to 'expire', it would have the opposite effect you want: It would actually force the browser to make the request again (because it's been told the data it has expired)
I suspect you might be barking up the wrong tree here, though. Are the pages that "do stuff" using the Query String values as the parameters to take those actions? In other words, is the page that links to the 'action' page doing so via a regular anchor tag with query string parameters in the URL, or via a form using the GET method?
If so, you should change the form submitting that action to a POST form. Doing that will not only result in a prompt in the browser if the person uses the Back or Refresh buttons to try to reload that page, but also helps protect you against Cross-Site Request Forgery attacks. (more info on XSRF here)
What is the problem that you are trying to solve? If the back button is forcing something to be updated on the server, then you are better off making sure that you don't allow pages to be in the browser history that can cause problems.
After a POST, I often do a Response.Redirect so that the POST is not in the browser history. This helps avoid these types of issues.
I notice on some sites i can login wrong which brings me to a login page. log in incorrectly again which brings me to a wrong password page (where i can log in) and if i login wrong again i dont increase my page history count. It takes exactly 2 backs no matter how many times i get it wrong and i dont see any pages in my forward history
How do i do that? ASP.NET
Take a look at this:
Server.Transfer Vs. Response.Redirect
Basically, if you want to do it without the user (browser) knowing about it, you use Server.Transfer; otherwise you do a Response.Redirect.
Also note, although not in server side code, there is a possibility the site uses Javascript like location.replace() - this way the history does not change.
You dont. As long as the login url stays the same there wont be another page added to the history. There may be parameters after the ? that changes the url or possibly POST data.
How do I send an HTTP GET request without a form? This request is performed on a web page.
For more details on what I'm trying to accomplish and why, see my question here: http get/post request and google geolocation api
Any link is a GET request, so, just make a link, add the extra info at the end, done.
http://someurl.net/somelink?value1=avalue&value2=anothervalue
A normal hyperlink does a GET request when the user clicks on it. Loading an image is also a GET request, as are most of the other ways of embedding things in a page. If you're trying to do it via JavaScript, you can use an XMLHttpRequest.
You can use Ajax and jQuery's get method:
$.get("someURL.php?variables=true");
Note, that you will only be able to make requests to the same domain OR the target domain must return JSON formatted results.
In plain HTML you can do that e.g. requesting an image:
<img src="http://example.com/?bla=bla">
< a href="www.google.com">google</a>
I agree with altCognito points out using jquery but I'd rather use
$.get("someurl.php", { variable: value });
I like this way better because it allows me to send objects instead of concatenate strings.
you can see a couple of samples here