Reputation: 5002
Calling javascript ahead of response.redirect
I am trying to restrict an unauthorized user from accessing a Utilities.aspx page and redirect him to Default.aspx page.
if (authorizedUser.ToLower() != "admin")
{
if (!ClientScript.IsClientScriptBlockRegistered("UnauthorizedUserRedirect"))
{
ClientScript.RegisterStartupScript(this.GetType(), "UnauthorizedUserRedirect", "<script>alert('Unauthorized access!\n\nYou have attempted to access a page that you are not authorized to view.')</script>", true);
Response.Redirect("Default.aspx");
}
}
However, while the redirect is working fine, the alert is not showing up on the page. Searching for this issue tells me that Response.Redirect completes its action before the client side code is rendered at all.
How can I display the alert before the Response.Redirect?
I also tried these two approaches in Page_Load of Default.aspx and both didn't work. If a certain session bariable is set, then display the alert.
if (Session["unauth"] != null)
{
ClientScript.RegisterStartupScript(this.GetType(), "UnauthorizedUserRedirect", "alert('Unauthorized access!\n\nYou have attempted to access a page that you are not authorized to view.');", true);
}
if (Session["unauth"] != null)
{
form1.Attributes.Add("OnLoad", "javascript:alert('Unauthorized access!\n\nYou have attempted to access a page that you are not authorized to view.');");
}
Upvotes: 1
Views: 5655
Answers (8)
Reputation: 8726
try this in javascript function after alert add
top.location='default.aspx';
now your code like
if (authorizedUser.ToLower() != "admin")
{
if (!ClientScript.IsClientScriptBlockRegistered("UnauthorizedUserRedirect"))
{
ClientScript.RegisterStartupScript(this.GetType(), "UnauthorizedUserRedirect", "<script>alert('Unauthorized access!\n\nYou have attempted to access a page that you are not authorized to view.');top.location='Default.aspx';</script>", true);
}
}
Upvotes: 0
Reputation: 138
You need to use Client side redirect to another page.
if (authorizedUser.ToLower() != "admin")
{
if (!ClientScript.IsClientScriptBlockRegistered("UnauthorizedUserRedirect"))
{
ClientScript.RegisterStartupScript(this.GetType(), "UnauthorizedUserRedirect", "alert('Unauthorized access!\n\nYou have attempted to access a page that you are not authorized to view.'); window.location.href = 'Default.aspx';", true);
}
}
Upvotes: 0
Reputation: 8871
Instead of Redirect, You can try like this :-
System.Text.StringBuilder sb = new System.Text.StringBuilder();
sb.Append("<script language='javascript'>");
sb.Append("alert('hello');window.location.href=\"page2.aspx\"");
sb.Append("</script>");
ClientScript.RegisterStartupScript(typeof(Page), "anything", sb.ToString(), true);
Upvotes: 0
Reputation: 101614
Response.Redirect is setting a Location header which the browser sees and runs with before it sees any content on the page. If you want the page to actually execute you'd have to allow them to get to the page first and not just redirect them.
Example:
Client Request:
GET /Utilities.aspx HTTP/1.0
Host: www.somehost.com
User-Agent: Mozilla/4.0 (Windows XP)
Accept: text/html, */*
Server Response:
HTTP 300 OK
Location: /SomeNewPage.aspx <-- Browser see this and goes
Content-Length: 12345
<html> <-- ignores from here down
...
<script>alert('You\'re being redirected');</script>
...
</html>
Client New Request:
GET /SomeNewPage.aspx HTTP/1.0
Host: www.somehost.com
User-Agent: Mozilla/4.0 (Windows XP)
Accept: text/html, */*
...
Upvotes: 3
Reputation: 2035
Try to use
ClientScript.RegisterStartupScript(Page.GetType(), "", script,true);
Not
this.GetType()
but
Page.GetType()
Upvotes: 0
Reputation: 9399
I'm with @ClaudioRedi on this one. The only way to do that is via JavaScript, in ways that:
- May be blocked by the browser, even if JavaScript is enabled;
- Will surely open a security hole.
My suggestion is that you have that alert show after loading the landing page.
Upvotes: 1
Reputation: 68400
You can't use HTTP redirect + javascript. If you want to show an alert messaje before redirecting, you'll need to use a 100% javascript solution, generating a big security hole that could easily cause unauthorized accesss to that page.
I'd say the best you can do is showing a descriptive message on target page. You could send a querystring parameter for this.
Upvotes: 3
Reputation: 887459
You can't.
Redirects are an HTTP feature; performing a redirect skips your page entirely.
Instead, you can use more Javascript to perform a client-side redirect after the alert.
Specifically, set location.href.
Upvotes: 3
Related Questions
- run a javascript code before response direct in asp.net code behind
- Run JavaScript before redirect to other page
- How do I call javascript just before a response redirect
- Catching ASP.NET's Response.Redirect
- Javascript getting ignored because of Response.Redirect()
- Javascript alert() after Response.Redirect
- How to perform a javascript action right after redirect?
- Redirecting to another page using C# Response.Redirect in javascript
- Run Javascript Function before response.redirect in classic asp
- Need to call client script before a Response.Redirect. Any suggestions?