Expand my Community achievements bar.

Don’t miss the AEM Skill Exchange in SF on Nov 14—hear from industry leaders, learn best practices, and enhance your AEM strategy with practical tips.
SOLVED

How to prevent a webpage from opening directly?

Avatar

Level 2

I have a request-information component through which an user can submit his enquiry. When he submits the form, the thank-you page that I have created is shown to the user.

 

Now the scenario is such that say the thank-you page has an url: abc.com/xyz/thank-you.html But I don't wan't anyone and everyone to see the page when they simply hit the url instead they should see Server Error (500). The page should only come up when the user submits an enquiry.

 

How to stop the page from directly loading when I put in the url in the address bar?

 

@SantoshSai  @DEBAL_DAS @lukasz-m @arunpatidar @BrianKasingli

 

Thanks!

1 Accepted Solution

Avatar

Correct answer by
Community Advisor

Hi,

There are two ways to do it.

1. Client side - check if page has referer that means , the user is not hitting page directly, this can be done using javascript, If no referer then you redirect user to 404 page, put this in head section so no rendering is done.

document.referrer

2. From server side check the referer header , if null then set 404 or 400 but for this page should not be cached.

 String refererHeader = request.getHeader("referer");
if (refererHeader == null) {
response.setStatus(HttpServletResponse.SC_BAD_REQUEST); return; }

 



Arun Patidar

View solution in original post

4 Replies

Avatar

Correct answer by
Community Advisor

Hi,

There are two ways to do it.

1. Client side - check if page has referer that means , the user is not hitting page directly, this can be done using javascript, If no referer then you redirect user to 404 page, put this in head section so no rendering is done.

document.referrer

2. From server side check the referer header , if null then set 404 or 400 but for this page should not be cached.

 String refererHeader = request.getHeader("referer");
if (refererHeader == null) {
response.setStatus(HttpServletResponse.SC_BAD_REQUEST); return; }

 



Arun Patidar

Avatar

Level 2

Hi @arunpatidar ,

 

Since I am very new to AEM, can you help me out by mentioning where exactly I need the 

document.referrer

if I am going with the client-side approach. Will it be at the component level JS or page component js?

 

Thanks! 

Avatar

Community Advisor

You can put this code in head.js, so that check can be done early as possible. 

 



Arun Patidar

Avatar

Employee Advisor

Depending on the situation you might want to avoid that's already good enough. But of course it's very easy to fake. But if you just want to avoid people getting there because the page is indexed by the search engines, it's probably good enough.