G
Guest
Hello!
I'am working on A Web-based interface that is runing at the HTTPD Server
that Windows ce is providing. The system for which the project is build for
is an headless device. I developped a authentication system that will check
the password on a sqlce database, and then redirect the User on different
websites in dependence of the user access rights.
It works well, but I have a major security problem!
When the login data are checked, I create a cookie that is send to the page
to which the user is redirected by response.redirect("xxx.asp").In fact I'm
using asp with vbscripts. I want to make at the top of the target site a
check of this cookie, to ensure that the user not simply came there by typing
the right url. The only problem is that I can't make this cookie_check
because the webserver returns me this error:
The HTTP headers are already written to the client. HTTP header
modifications must be made before writing page content
ASP scripting compilation error: '80020009'
Description:
In file: /Storage Card/ad_bnz_page.asp
On line: 2
Here is the corresponding script:
<%
response.Buffer=true
if request.cookies("rights")<>"2" or request.cookies("st")<>"admin" then
response.redirect("login.asp?mess=6")
end if
%>
If I remove line 2, the same error will occure at line 3 =>
response.redirect("....asp")
How can I make this check work if the respnse.buffer=true method doen't work?
Thx for your help!
p.s: The server method I'm using is POST
I'am working on A Web-based interface that is runing at the HTTPD Server
that Windows ce is providing. The system for which the project is build for
is an headless device. I developped a authentication system that will check
the password on a sqlce database, and then redirect the User on different
websites in dependence of the user access rights.
It works well, but I have a major security problem!
When the login data are checked, I create a cookie that is send to the page
to which the user is redirected by response.redirect("xxx.asp").In fact I'm
using asp with vbscripts. I want to make at the top of the target site a
check of this cookie, to ensure that the user not simply came there by typing
the right url. The only problem is that I can't make this cookie_check
because the webserver returns me this error:
The HTTP headers are already written to the client. HTTP header
modifications must be made before writing page content
ASP scripting compilation error: '80020009'
Description:
In file: /Storage Card/ad_bnz_page.asp
On line: 2
Here is the corresponding script:
<%
response.Buffer=true
if request.cookies("rights")<>"2" or request.cookies("st")<>"admin" then
response.redirect("login.asp?mess=6")
end if
%>
If I remove line 2, the same error will occure at line 3 =>
response.redirect("....asp")
How can I make this check work if the respnse.buffer=true method doen't work?
Thx for your help!
p.s: The server method I'm using is POST