mola10
Reputation: 986
allow requests from specific url
I have controller
public class BilingController : Controller
{
…
[HttpPost]
public string Result (string data)
{
…
}
…
}
Method Result can be caused only by foreign service process.anypayservice.com
How can I check url, is request from service process.anypayservice.com or other service?
Or allow only this url - process.payservice.com for method Result call
Any attribute or I should write custom?
Upvotes: 0
Views: 151
Answers (1)
Oded
Reputation: 499392
You can check the HTTP_REFERER header, but note that it can be easily spoofed.
A better approach is to use some sort of token that can be passed in to your service for authentication.
Upvotes: 2
Related Questions
- Deny direct URL access to action method
- Action to only allow request from same webserver
- How to block some HTTP methods to specific URL?
- Allow access only from specific url in ASP.NET core web service
- ASP.NET MVC block a specific URL from the Default route
- mvc web api only allow requests from same server
- ASP:NET MVC Route Config allow #
- MVC 3, prevent people browsng on server through URL
- Custom authorization based on url in ASP.NET MVC
- ASP.NET MVC: Restricting access using url