Z
Z D
Hello,
I'm trying to create an ASP.NET page that ONLY allows access if its
linked-to from another specific server. I know the IP address of this
server.
I was wondering how I'd go about setting this up in a secure way?
I considered using HTTP_REFERER but I found that its easy to spoof this and
its not very reliable.
What other options do I have? I'd like to avoid passing something in the
querystring because it's just too easy for someone to try and hack it. It
seems, however, that the querystring would be my only option. Does anybody
know of a mechanism that I can use to encrypt the querystring in a
time-dependent manner (so that the user cant copy the querystring and use it
the next day / give it to someone else).
Any suggestions?
thanks!
I'm trying to create an ASP.NET page that ONLY allows access if its
linked-to from another specific server. I know the IP address of this
server.
I was wondering how I'd go about setting this up in a secure way?
I considered using HTTP_REFERER but I found that its easy to spoof this and
its not very reliable.
What other options do I have? I'd like to avoid passing something in the
querystring because it's just too easy for someone to try and hack it. It
seems, however, that the querystring would be my only option. Does anybody
know of a mechanism that I can use to encrypt the querystring in a
time-dependent manner (so that the user cant copy the querystring and use it
the next day / give it to someone else).
Any suggestions?
thanks!