Re: HTTPS redirections

["Jason Ross" <algorythm () gmail com>]

On 8/24/07, anthony () synt3gra com <anthony () synt3gra com> wrote:
> I have noticed how some websites only allow access to a particular
> page if a link within the page has been 'clicked' ie. user cannot
> paste link address in browser bar to get to desired page.
> For security purposes I would like to create a script and achieve
> similar results.

I believe that (at least one way) this is done is by checking the
referer header. In PHP this can be accessed via the predefined
variable: $_SERVER['HTTP_REFERER'], other languages should have
similar methods of obtaining this.

AFAIK, there is not a difference between HTTP and HTTPS as far as
this method is concerned.

--
Jason