The Referer checks the a URL that posted the request against it value stored in it's content section.

This example uses it with an AuthUser tag to see if the request for a protected resource came from an accepted URL:

<dxp:AuthUser type="PW" lifespan="120" store="user">
   <dxp:Referer>http://yourwebsite.com/timeform.html"</dxp:Referer>
   <dxp:Resource priv="POST" resname="mycompany.timelog" />
</dxp:AuthUser>

The example above will check the referer before doing any other checks. Since the tag is enclosed by a AuthUser tag this check will take place in the DxpServlet before the page is allowed to run and before an output buffer is created.

Here is how it can be used as a standalone tag that checks a referer as the page is running:

<dxp:Referer redirect="http://yourwebsite.com/errdoc.html">http://yourwebsite.com/timeform.html"</dxp:Referer>

The example above can be used with applications where you want to send the user to an error document rather than kick them out. This is useful if a user has arrived at a page out of the intended sequence of events in an application. This would be applied to cases where the user has already authenticated or where the page does not require authentication.

Return to Index

Note: We have tried to test all of the code examples but they may contain errors. Any questions, comments, suggestions, or problems should be sent to info@plands.com.