Here is my situation:
Page1.aspx redirects to Page2.aspx which does some processing (does not display to the user) and then redirects to Page3.aspx which checks the ServerVariables["HTTP_REFERER"] or Request.UrlReferrer.
I understand that the referring information can sometimes be blank and can't be entirely relied upon; however the ServerVariables["HTTP_REFERER"] or Request.UrlReferrer on Page3.aspx is showing Page1.aspx instead of Page2.aspx which I would have expected.
Does the referring information only get set if the page displays to the user?
Redirecting is done using Response.Redirect in order to change the URL in the address bar of the browser.
because the http redirect instructs the browser to find the page in a new place, so the browser assumes it's still dealing with the original request on page1.aspx, and hence sends that through as the referer :)
it's worth bearing in mind that the referer is just sent through from the browser and hence cannot be trusted 100% - some proxies remove it altogether for example.
I believe part of it depends on how the page is being redirected: Server.Transfer or Response.Redirect.
http://haacked.com/archive/2004/10/06/responseredirectverseservertransfer.aspx
Related
I am trying to redirect to a page from the server without referrer. Right now I am doing redirect like this:
I haven't found any overloads for Redirect method or any other ways to redirect without referrer so it's present on the page:
So is there any solution to redirect without referrer in ASP.NET?
You can't handle the referrer from the Redirect method, but you can do one of the following:
Launch the new page on a new window.
Using a meta tag on the content page as follows:
<meta name="referrer" content="no-referrer" />
Or you can add the tag following this answer: How to add meta tag to ASP.Net content page
Move the redirect logic to the front and use rel(attribute specifies the relationship between the current document and the linked document) use:
link
I think you're asking "after my C# server code sends a redirect to the client browser, telling it to go somewhere else, I want the browser to NOT put my site URL into the Referer header when it goes to that somewhere else"
You can't, if it's direct, unless you're redirecting from a secure page (yours) to an insecure page (theirs)
You'll probably have to create an interim page that you redirect to, that has some client side scripting that performs the actual transition (like those "thanks for searching your flight with expedia, please wait while we transfer you to the airline to complete your booking" type pages) because then you can take control of what their browser sends; if you straight refer them, you can't
I am looking for a method that will forward my form post. I have an outside source posting me SAML, I need them to POST to my defualt page to create a cookie before I can redirect them to the page they can operate on. The issue I am having is when I redirect them to the page they can work on the form variables (post data) is lost. I can see in fiddler I am receiving their SAML in the WebForms, but when I response.redirect to the next page, the form data is gone. I understand this is because response.redirect does a get, I was wondering if someone knew of another method, or solution to this problem. Thanks in advance.
Client Posts Saml To My default page -> my default page redirects to a shopping page (because the shopping page creates a non-user cookie) -> the shopping page then redirects to a results page (the results are based off of what is in the saml). Short: I need to preserve the initial SAML posted to me across multiple pages so I can process it on my results page. I would like to continually post it to each intermediate page.
Write a POST form to the page, fill in the data, and also write some JS code that triggers a submit. For example ADFS does this with SAML tokens.
When I use
Server.Transfer("PageName.aspx");
I am transferred to the correct page, but the url is the url of the first page.
In other words, say page1.aspx Server.Transfers to page2.aspx.
page2.aspx is rendered, but the url reads page1.aspx.
The problem was I need to pass parameters to page2 in the url, and the params were not getting through.
I got around it by using
Response.Redirect("PageName.aspx?parm=val");
I had been using Server.Transfer because I was under the impression it was more efficient.
What are the other differences? Are there any other reasons for using one rather than the other?
So far I have:
Use Response.Redirect
if you want to pass parms
if you want to transfer to a site on another server
Use Server.Transfer for
the efficiency of saving one server roundtrip
Well, there are certainly more detailed and probably more correct answers than this, but ...
Server.Transfer:
Browser: Hey server, I want pageOne.aspx!
Server: Suuuuure, here you go (sneaky laugh). (returns pageTwo.aspx)
Response.Redirect:
Browser: Hey server, I want pageOne.aspx!
Server: Actually, you want pageTwo.aspx.
Browser: Oh, ... okay. Can I please have pageTwo.aspx?
Server: Yup. (returns pageTwo.aspx)
You are right, Server.Transfer is more efficient because it eliminates a round-trip between the server and the browser. Response.Redirect sends a redirect response back to the browser forcing the browser to send a new request back to the server with the redirected URL. Response.Redirect allows the browser to know what the redirected URL was and display it in the address box. In the case of Server.Transfer, the browser has no clue that the response came from a different page.
Server.Transfer maintains the original URL in the browser and yes it is more efficient as it skips a round-trip but hence it should be only used for pages on the server.
Check Server.Transfer vs Response.Redirect for better use of them.
Server.Transfer is supposed to keep the URL in the address bar the same; that's the defined behavior. The way you are doing it with Response.Redirect is the correct way if you want to change the URL.
Let's say I have two pages on the same ASP.NET C# WebSite.
Page1.aspx does things in the Page_Load event
I navigate to Page2.aspx using the menu
Page2.aspx does some things then Response.Redirect back to Page1.aspx
Page1.aspx cannot do things in Page_Load event this time because it never fires.
I tried to turn off cache declaratively, tried using true for endResponse in my redirect... nothing seems to make a difference.
Never mind everybody! I am a moron!
Using Visual Studio Dev Localhost the Redirect was redirecting to the live page! :)
The reason for the page executing doesn't affect the page cycle, the Load event always fires when the page is executed.
So, if the Page_Load doesn't run sometimes, it's because the page is cached and doesn't execute on the server. The page can be cached in the browser, in a router somewhere along the way, or on the server using server side page caching.
If you haven't enabled server side page caching for the page, it's cached in the browser or in the network. You can use cache settings to try to elliminate this:
Response.Cache.SetCacheability(HttpCacheability.NoCache);
This will keep the page from being cached in normal circumstances. (Check also that your browser isn't in offline mode, then it will use anything in the cache regardless of it's cacheability settings.)
When you navigate to a page using the Back button, the page is reloaded from memory, and no request is sent to the server.
You can confirm this using Fiddler.
I'm not sure if this is true in all browsers.
If you are redirecting, it's possible the client is caching the response. In order to get past this you might add an extra query parameter that simply holds the time.
This is usually enough to get past most pages caching mechanisms.
Try using Server.Transfer instead of Response.Redirect.
The client will not see the URL change but this may not matter, depending on your requirements
I had the same problem and found that this works for me: (add this on the Page_Load section)
if (this.Master.Page.Header != null && Session["RELOAD"] == null)
{
System.Web.UI.HtmlControls.HtmlHead hh = this.Master.Page.Header;
System.Web.UI.HtmlControls.HtmlMeta hm = new System.Web.UI.HtmlControls.HtmlMeta();
hm.Attributes.Add("http-equiv", "Refresh");
hm.Attributes.Add("content", "3");
hh.Controls.Add(hm);
}
and then I add Session["RELOAD"] = "1" right after it executes the code I want to run to prevent it from refreshing over and over again. Works like a charm.
Changing VS from debug to Release mode worked for me ....
Please run the following code to disable the page cache in firefox.
Response.AppendHeader("Cache-Control", "no-store");
Apply this in page load of master page.
I wanted to know if there is a solution using IIS6 for an application to get rid of the default.aspx text in the url. so for example if a user hits:
www.website.com/default.aspx
the browser only shows:
www.website.com/
No matter what.
It's just for SEO.
I already use UrlRewriting.NET for some rewrites in my app but for I'm not that clever to create a rule for that.
Any help is much appreciate.
Thanks.
Jose
I think ScottGu already has the topic of rewriting in ASP.NET covered: http://weblogs.asp.net/scottgu/archive/2007/02/26/tip-trick-url-rewriting-with-asp-net.aspx.
He covers things such as:
Rewriting using UrlRewriter.net, ISAPI Rewrite
ASP.NET Tricks, posting back (hitting the friendly version of the url)
With your problem I think you need to use a combination of, never linking to 'default.aspx' ie. ONLY link to '/'. Then use Scott's Form Postback browser file to ensure postbacks always hit that same friendly version of the url.
Redirecting 'default.aspx' to '/', which then gets served by 'default.aspx' sounds like a recipe for disaster to me. Just fix your links to ensure you never end up on 'default.aspx' explicitly.
I think the simplest way to change the search results index (assuming it knows about HTTP 301) is to write a little function in your default.aspx's Page_Load that redirects the browser using a 301 Moved Permanently (or 302 Moved Temporarily).
void Page_Load(...) {
if(Request.Path.EndsWith("default.aspx", true/*case-insensitive*/, null)) {
Response.StatusCode = 301;
Response.StatusDescription = "Moved Permanently";
Response.Headers.Add("Location", "/");
HttpContext.Current.ApplicationInstance.CompleteRequest(); // end the request
}
// do normal stuff here
}
If you have something to do URL rewriting, then all you need to do its ensure that your links point to the correct URL.
If you don't fix your links, its up to the browser to decide if it wants to display the actual link it requested.
If you would really like to do a dodgy job, you can use some javascript to make the address bar of the browser display whatever you like, even if its invalid.
If default.aspx is set as the default document to serve in IIS, and all your internal site links contain URL's without the default.aspx then I think that should do the trick.
Although the user can still type in default.aspx, search engine spiders should just pick up the friendlier URL's from your link href attributes.
The way I would do it is to use Application_BeginRequest in public class Global : System.Web.HttpApplication and check the HttpContext.Current.Request.URL for default.aspx, and then use HttpContext.Current.Response.Redirect from there if you find it.
The downside is having a redirect is not always so great and this isn't going to work if you are posting data to that default.aspx page. But you can't simply trick the browser into showing a different url, though you can tell ASP.NET to serve whatever page you want for any request.