Is there a simple way to check if a request comes from an action inside my app?
I'm building the email confirmation page on a site I'm working on, and I'd like to show different texts on different request origins.
If a user comes from another action (eg: the register action) in my app, then I simply want to show a text saying something like: "Thanks for registering on x, please confirm your account with the given link in the email you got from us.."
If a user comes outside of my app, then he probabely wants to confirm his or her account, so I'll show another text depending on the success of the confirmation. Or maybe he's/she's a hacker, and wants to insert malcious code in the querystring.
Why I need to do this, you may ask. Well, my client is really enthusiastic about security, and I'd like to check almost every request on the site, so he can sleep in peace :)
Simply check the
UrlReferrer
propert, it's a property of the Request(which is a property of the controller):You can use this as well:
By the way, since you care about security, be aware that requests can easily be edited and contain false data. validate every request based on it's data, don't rely on previous urls and such.