We have two websites. What we want is for a user to log into one website, then, when he goes to another website, he no longer needs to login.
What I did was to place an image on the web page of the first website, which is shown after user logs in. That image is downloaded from the second website. In the action method in the second website which serves the image, I place an authentication cookie and logs user in.
Contradicting outcome:
After user logs into the first website, he still has to log into the second website. Although the image was indeed downloaded from the second website, it did not insert an .ASPXAUTH cookie.
However, if I manually invoke that action method by placing the URL of that action method into browser and hit enter, the second website did insert a .ASPXAUTH cookie, and I no longer need to log into the second website.
What's the difference between the web page on the first website downloading the image, and me doing it manually?
Related
How URL redirection is performed depending upon the traffic source user is coming from.
For example, when the below link is accessed directly from the browser, it lands user to a certain page. However, same link when shared on facebook page, a facebook user when click on that link lands totally to a whole different URL.
Example Link :
https://nicest-animalss.vercel.app/posts/vеt-whо-rеfusеs-tо-еuthаnizе-раrаlуzеd-рuрру-gеts-hugе-surрrisе-hоurs-lаtеr/
The above link is when accessed through facebook, it lands user to a different URL.
i-e
https://amazing-pets.online/vеt-whо-rеfusеs-tо-еuthаnizе-раrаlуzеd-рuрру-gеts-hugе-surрrisе-hоurs-lаtеr/
I am curios to know how it can be done?
I have an ASP.NET MVC application with a number of pages.
I'm trying to authenticate the user before opening a page.
I have created a Login page that works and authorizing a user.
However, when I enter the page URL directly in the browser, I'm able to open it.
How can I restrict the user from opening the page directly?
I have no knowledge of xcode yet but am about to dig in.
We are creating an app for our web service. We want 99% of the app to be native using xcode functions to get json responses from the server, but we want to use our website's own custom login page first to establish the session.
The flow would be like this:
Open app.
App requests json response from php file on server.
If user not logged in, the php file redirects app to actual login page on server.
User logs in, then is redirected back to original php file to get json response.
App retrieves json response and continues to menu page.
Is this possible? I'm not sure it is because once we've loaded the html for the login page, the app isn't waiting for the json response anymore.
I've thought about this solution:
Open app.
App requests json response from php file on server.
If user not logged in, the php file returns json response saying not logged in.
App sends user to login page to login.
Meanwhile, app asynchronously checks every few seconds if user is logged in yet.
User logs in and is redirected to a spinning graphic page.
One of the asynchronous logged in checks gets positive response back and takes user away from website (spinning graphic page) and displays native app menu.
Asynchronous log in checks cease.
I know it's not conventional, so I'm not looking for somebody to tell me it's not conventional. Is this possible in theory? Difficult to do or fairly straightforward. How would I start? Thanks
I'm building a native application. The app has an embedded webview (UIWebView) pointing to a social website. To be able to use the website inside the app, user has to log in by the webview (username/password) and then he can continue use the site with saved cookies. Normally, the cookies expire after two days. After that, the user has to re-login by the webview.
Now suppose I know username and password of the user and I would like to make the user login automatically with this account when the cookie expires. How can I do that?
I tried to simulate the Login action when I click on Login button on web page, but not successful.By using "Inspect Element" of Chrome, I can see Chrome makes a "Post" request to an URL with some parameters. However, the request doesn't get successful (I use REST client for testing).
Finally I found out the solution. I didn't build requests anymore. I used javascript to set text fields and make "click" action on the webview. Done.
When i Copy my url after logging into another browser it displays the same page instead of login page .This happens even after i close my page
Modify your session handling. The session ID should not show up in the URL (or at least not be used alone for authorization of the request).