Win a copy of Kotlin in Action this week in the Kotlin forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

HTTP Referer  RSS feed

 
vipul patel
Ranch Hand
Posts: 146
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Guys,

In my login.jsp, the very beginning of the code looks like this. It seems that it is extracting HTTP referer. But what is actually accomplished by it?


Code Snippet:
-------------

<%
if (session.isNew())
{
String referer = request.getHeader("Referer");
if (referer == null)
{
response.sendRedirect("home.jsp");
}
else
{
response.sendRedirect(referer);
}
}
/*else {
System.out.println ("session is old");
try {
session.invalidate();
} catch (Exception e) {}
response.sendRedirect("home.jsp");
}*/
%>
 
Ulf Dittmer
Rancher
Posts: 42972
73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
The referer might be null (i.e., there is no referer header) if you type in the URL in the browser, or if you access the page through a bookmark. Apparently, the author of this page does not want a user to start at any other page than home.jsp.

This is not a good design, because it assumes that the referer is sent, when in reality it may not be sent (e.g. if you crank security restrictions all the way up in IE, or if you set the associated configuration item in Firefox, then those browsers simply won't send the header).
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!