CODEWITHSUNDEEP
javascriptapache
user2986042
user2986042

Reputation: 1270

Access File only via Redirect, Block other Methods

I have the following files on my server:

var/www/html/web/
                -- login.html
                -- files/content.html
                -- css/
                -- js/
                -- images/

My aim is when a valid user heads to my domain and/or opens login.html, it will redirect them to content.html. I can do this easily with JavaScript.

Next, I need to block access to content.html through any other method but that redirect. If a user tries to head straight to the reference of the file, it will not allow access; the same goes for all my other folders. Also If the content page access via new tab , then also it redirect to login page .

How can I go about doing this? Usage of .htaccess?

Upvotes: 0

Views: 59

Answers (2)

symcbean
symcbean

Reputation: 48387

I'm about to vote to close this, but commenting here rather than in the comment box (due to space restrictions).

You have a "login.html" page but you don't want users to login before getting access to the content. This appears to be absurd. There might be a sensible reason for it, which might have something to do with the problem you are trying to solve. If that is the case, then knowing what it is would help in formulating a response.

Next, I need to block access to content.html through any other method but that redirect

This requires you to perform some sort of state management. You've not mentioned any capability serverside for this (PHP, Perl, python etc). You could drop a cookie in Javascript and redirect away based on the cooie, but this only proves that the user has previously visited the login.html not that they navigated to the page via the previous redirect. Further state is therefore maintained and asserted by the client which is insecure.

You've provided no explanation of what you are trying to achieve with this redirection, nor provided any context nor details of any constraints.

Upvotes: 1

JensV
JensV

Reputation: 4544

You can use document.referrer to see where the user came from. Then if a user didn't come from there you redirect him back or something like that.

You could also set a cookie on the login page and the content page checks for that.

Upvotes: 0

Related Questions