Valid Refering URLS

Description: This piece of code will make sure that the URL that has referred your ASP page, is in your list of allowed URL's.


This is useful for Form submission, so you can ensure that only YOUR form scripts are the ones posting to your asp scripts, no hackers please!

Just place the url's you want to allow in the constant ValidReferers (No http:// or ending /'s)

<%
 const ValidReferers = "example, paranoid.example.com, 203.55.163.110"
 Function CheckReferer()
    dim arURLs, tmpCount, boolValidURL
    dim strURL, nIndex
     arURLs = Split(ValidReferers, ", ")
     boolValidURL = False
     strURL = Request.ServerVariables("HTTP_REFERER")
    If LCase(Left(strURL,7)) = "http://" Then strURL = Mid(strURL,8)
    If LCase(Left(strURL,8)) = "https://" Then strURL = Mid(strURL,9)
     nIndex = InStr( strURL, "/")
    If nIndex > 0 Then strURL = Left(strURL,nIndex-1)
    For tmpCount = 0 To UBound(arURLs)
    If strURL = arURLs(tmpCount) Then boolValidURL = True
    Next
     CheckReferer = boolValidURL
 End Function
 
If CheckReferer Then
 'the URL is ok - do rest of processing
 Else
 'referring url is bad. Spit out an error message
 End If
 %>


valid referer url functions contants asp


Back To Top
© 1998 - 2017 psacake.com | My3C's

Version 7.2 | Advertise on this site