Asp.net: How do you prevent users from accessing certain web pages by writing the url of these pages?

How can I prevent users from accessing web pages by typing the url of these pages in the address bar of the browser?


I tried checking for the ';REFERER'; server variable and if it's null, then redirect the user to the home page..but this actually prevents pop up pages from being displayed for the user when he clicks on a link to access another page.


Is there any other way to achieve this?


Asp.net: How do you prevent users from accessing certain web pages by writing the url of these pages?
Another way is to use a session variable that is passed only from certain pages...You can do such a think by instantiating the variable in an onclick event on the server side. The coding is pretty simple, it's just:





VB.NET:


Session(';mySession';) = myValue





C#


Session[';mySession';]=myValue;





Then, you can set up an if block to check on the page load event if the session variable exists and is set properly. If not, redirect the user. I've used a simply boolean value assigned to a session variable to set whether the user can access a page or not before.Asp.net: How do you prevent users from accessing certain web pages by writing the url of these pages?
If you only want certain machines to be able to access the stated pages, you can do something like:





Dim s


s = Request.ServerVariables (';REMOTE_ADDR';)





' if not acceptable addresses then redirect


if s %26lt;%26gt; ';127.0.0.1'; and s %26lt;%26gt; ';127.0.0.2'; then


Response.Redirect ';Your URL';





end if