How to get the full referring exact page URL from subdomain (abc.example.com) to www.example.com using HTTP context in C#?
Example:
First I am going to visit – https://abc.example.com/page1/category1
Then navigate and lading to this --> www.example.com/page
In this case, I need to get this URL (referrer) https://abc.example.com/page1/category1 from HTTP context or any other way in C#.
Reviewing the documentation for Referrer-Policy (https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy) it seems my only option is to set it to unsafe-url (HTTP).
I need the ability to track the full referring page when navigates from abc.example.com to www.example.com. Is that possible?
Related
I have an asp.net C# website its url is like abc.com so when the website is loaded for the first time its url that appears is abc.com
But when i visit any other page and come backs to the home page its url become abc.com/home.aspx.
But i want it to be the same i.e abc.com means i want that the url that appears when the website is loaded for the first time and the url that appears for the home page after visiting any other page should be same.
I think url rewriting will be used here but i am not sure neither i have any knowledge how to use it so please help.
By default this happens because of Default Document feature.. You can read about more from http://www.iis.net/learn/web-hosting/web-server-for-shared-hosting/default-documents link.
However once you open us the website abc.com and when you navigate it will surely show you the page name like www.abc.com/home.aspx
And thus what you are looking for seems not possible.
You can use link tag marking the canonical in the header of the page. So, in abc.com/home.aspx you can generate the link tag that tells crawlers that this is a duplicate of abc.com and dont crawl it.
Here are more reference regarding the same subject:
http://www.seomoz.org/blog/which-page-is-canonical
http://guyellisrocks.com/coding/adding-a-canonical-link-element-in-asp-net/
If you see your home page when you visit abc.com it looks like your default page is set in place.
You can easily redirect user to "/" and it probably will be enough
I am developing an iframe for use on a number of our partners websites.
Is there any way I can make sure it can only be used on those websites and not by anyone else
I was intending to add a compulsory querystring to the URL for the website.
Each partner would have a different value in the quesrystring dnd use that to look up an allowed domain
However, is there anyway to know the top level domain of the site hosting the iframe?
Presumably this is not sent in the http request for the iFrame? Or is it, I couldn’t see it?
Or do you need to send the domain from javascript?
Any advice?
However, is there anyway to know the top level domain of the site hosting the iframe?
Nothing reliable.
Presumably this is not sent in the http request for the iFrame? Or is it, I couldn’t see it?
It might be sent in the referer
Or do you need to send the domain from javascript?
If you want to fetch it from the framed page, you will be blocked by the same origin policy.
If you want to sent it from the framing page, you will be putting it in the query string and you can't trust it because it can be set to whatever the person writing the framing page likes.
There is also the X-Frame-Options header (but that has limited browser support).
The most reliable solution I can think of is:
Require the origin to be specified in the query string used to load the frame
Check the referer. If it doesn't match your white-list and is not blank, redirect to a page that is blank except for a link to your site with target="_top" and some JavaScript that top.location = "your site"
Check that the origin specified in the query string is on your whitelist, if it isn't act in the same way as a rejected step 2
Output an X-Frame-Options header that limits the framing to the specified origin
That is likely to catch enough browsers to discourage the framing site from framing your site.
You can try to check referrer which normal browser will send for IFrame requests on the page.
You also can use "x-frame-options" header covered in (How to Block Iframe call and MDN ) but not every browser will respect that (on other hand it is more reliable if browser supports it).
iframe's sanbox attribute might be helpful in controlling the various security aspects in an iframe including origins
http://www.html5rocks.com/en/tutorials/security/sandboxed-iframes/
The Architecture Journal of 2007 has a nice article about this: Secure Cross-Domain Communication in the Browser
Basically what the article suggests is:
If you have page A on domain 1 with an iframe with page B on domain 2 as its source , then having an iframe on page B to page C on domain 1, would allow you to pass information across domains
I haven't tested it, but this sounds like it could work.
Another possibility is create a file with a special filename (for instance a hash of the URL of page B on domain 2) and basic extension (like .htm) and place it in the root of domain 1. Checking whether the file exists on domain 1 cannot be done by javascript however, so it should be done with server side code.
How to check using C# if "redirect" to "default document" happened?
For example, in browser I type URL: mysite.com/. When on server I check HttpContext.Current.Request.Url.AbsoluteUri, i receive mysite.com/default.aspx...
How I can get the exact URL that user has in his browser?
Thanks
EDIT: After some questions about the needs, I will give more details.
I have page with default.aspx with iframe inside of it. The iframe src is not the same origin (default.aspx is http and iframe content is https). On server side, i need to set the query string param to the src of iframe to include the exact URL that user has in browser. I need it in order to be able to set parent.location = parentURL + '#myparam' on iframe client side.
Currently everithing works fine, except when the request made to domain name without providing file name.
Try HttpContext.Current.Request.RawUrl
You typed
mysite.com/.
and you get
mysite.com/default.aspx...
Because you have set default.aspx as the default / Start up page in your site. The browser always redirect to the default page. I think when we type mysite.com the asp.net automatically appends the default page in the URL, so when we use Request.Url we get the mysite.com/default.aspx
Reading your intention of the IFrame, perhaps you are looking for Framset Script to determine the redirection ?
if (parent.location.href==window.location.href)
{
// you re-direction codes...
}
EDIT :
Giving a different HTTP and HTTPS, it's likely the Same Origin Policy kicked in. There is a workaround you could use PostMessage interface for cross sites.
Other option would be managed by Server(IIS) so that both http/https url request setting to default document , so that you don't need to alter client-side scripting for such complication handling.
You should delete 'Default.aspx' page from your IIS Default document list. then you get exact URL that user entered.
I have a subdomain that is http://trade.businessbazaar.in . I am dynamically creating urls from database something in this manner http://trade.businessbazaar.in/mycompany. To display details, I have an index.aspx file there,thinking that on every request the index.aspx page will load and display data accodingly. Also, There is a masterpage on the index.aspx page from where i am capturing the text mycompany and query it in database to fetch result. But nothing seems to work.
A genuine link is http://trade.businessbazaar.in/Symparlife. But its unable to load index.aspx. I need a clean approach without any third party dll or rewriters. Directly to push some lines in config and start working. That is url will be the same but index page will get loaded...
In short, i want to say
I need the StackOverflow type clean url mechanism to fetch pages
Thanks in Advance
You can handle the Begin_Request event in Global.asax and add custom code to redirect to index.aspx and convert the parts of the URL into query string arguments. You should use Server.Transfer to keep the URL in the browser.
I'd recommend upgrading to 4.0 and using the Routing enine though. You should check if the standard routing is available as a download for ASP.NET 3.5. I am sure your code will get messy very soon. Been there, done that.
As #Mike Miller mentions in the comments the Routing engine ships with ASP.NET 3.5. You can check the documentation here - http://msdn.microsoft.com/en-us/library/system.web.routing(v=vs.90).aspx
Here is a tutorial on how to use it with Web Forms - http://weblogs.asp.net/scottgu/archive/2009/10/13/url-routing-with-asp-net-4-web-forms-vs-2010-and-net-4-0-series.aspx
For your case the code would be something like:
routes.MapPageRoute("company-index", "/{company}", "~/index.aspx")
And in index.aspx you can access the route value for company like this:
string company = (string)Page.RouteData.Values["company"];
Keep in mind that you'd better add something in the URL before your actual argument (the company name). If you don't you will have problems later on when because you may want to add a URL like "/Login" but then you will have to validate that users can't create a company named "Login". Not how Stack Overflow has "/questions/" before the actual question info in the URL.
Let's say I have a website www.mysite.com and I want it to be a multilingual site. Following are the things I wanna achieve :-
1. When a user visits my website, I want to fetch the user's country's ISO code. Let's say the ISO is "FR".
Now I want the user to be redirected to www.mysite.fr
In case the ISO address can't be fetched, the user will be redirected to www.mysite.com
Now I have used the dll from this site http://ipaddressextensions.codeplex.com/ and used their method which is something like
iso3066code(). BUT I am not able to fetch ISO code based on a user's IP address. What is the best method to fetch the ISO code anyway??
2. I have a differenet master page for different countries. Like for France there is France.master, for Germany there is Germany.master, etc.
What I want is that firstly the ISO Code of the user should be fetched, then the user should be redirected to the site corresponding to the ISO
AND want the corresponding master to load.
Here's a scenario:-
A user from France opens my website by typing "www.mysite.com". Now I want to show the user my site's contents in French so I want him to be redirected to
"www.mysite.fr" AND want the France.master to load for all the pages. What I am doing is check the "Top level domain name" entered by user which is "com" in this case, then I fetch the ISO code
then if ISO exists, user is redirected to "www.mysite.fr"
IN CASE, ISO cant be fetched , "www.mysite.com" will only be opened for the user.
3. How do I redirect the user?? Response.Redirect("http://www.mysite.fr") is failing and giving errors like :-
"Page is not redirecting properly" I tried changing it to Response.Redirect("http://www.mysite.fr", false)
and Response.Redirect("http://www.mysite.fr", true). This didn't work.
4. www.mysite.com and www.mysite.fr aren't two different websites.Just that when is it www.mysite.com, English content will be shown on the website.
When it is "www.mysite.fr", French content can be seen inside the website.
What I did was :-
In the Global.asax file :-
I tried fetching ISO code using that dll above from the site ipaddressextensions. Then I created this Application("UserISO") variable in Global.asax file.((Is this a good approach?))
I needed to make it because I wanted to use this global variable within my Global file itself..In some user defined method.
Then I am setting master page name in a cookie and using this cookie to change master page dynamically for every content page in the Page_PreInit() event.
and lastly I am redirecting the user with " Response.Redirect("http://www.mysite.fr", false)". This response.redirect doesnt work!
Now, AM I on the right path?? I am super confused over how to actually make it work! :(
How do multilingual site redirect their users? Where can I learn about all this ? I have tried and tried and tried but this just won't work!
Lastly, there are not really any domain names set for the site as of now. Running it using the IP address set in the IIS.
So how do I test my site. How do I really go about it. Am I following the correct approach at all??
Please direct me to the right path. ANY help will be greatly appreciated. Thanks!
Belgium has 3 official languages, you can't find my language by just looking at the ip address or the domain.
The best way to find the language of a visitor is to check the language of his browser. You can find it in Request.Userlanguages.
Don't do this. It's really frustrating when you try to assume what language the user speaks. You're bound to get it wrong for someone eventually. Put some small flag icons or the language name choices on your main page in a highly visible place, and let your visitors chose what site/language they want to browse in.
Facebook's main sign in page is a great example of this.
Edit: The best you could probably do is to use the HTTP1.1 Header Accept-Language as a hint, but even then I think you should push back on this requirement of your project.
You get redirect error because the .fr site is probably the same site as .com, but session cookies are only valid for a certain domain which means that Session_OnStart() is invoked on the redirect as well. One way to circumvent this is to override the redirect/ip-lookup somehow, maybe send in a querystring or a specific landing page that you can identify:
www.site.fr/?overrideredirect=true
www.site.fr/redirected.aspx -> which then redirects back to / after Session_OnStart
In order to choose the right master page, you could probably identify which host that was requested and from that override master page in your global.asax, perhaps in the BeginRequest event.