How much can I trust ASP?

Printable View

Oct 1st, 2004, 02:21 PM
invitro

How much can I trust ASP?

ASP has been pretty good so far but one little thing worries me..

Some secure pages of mine, when they find he user does not have access it uses the Response.Redirect method to throw him onto the 'unauthorized user page'.

Now, is there a chance Response.Redirect might fail? If it does... would the rest of the site load, allowing him to see restricted information? :confused:
Oct 1st, 2004, 06:14 PM
Danial

Re: How much can I trust ASP?
Quote:

Originally posted by invitro
ASP has been pretty good so far but one little thing worries me..

Some secure pages of mine, when they find he user does not have access it uses the Response.Redirect method to throw him onto the 'unauthorized user page'.

Now, is there a chance Response.Redirect might fail? If it does... would the rest of the site load, allowing him to see restricted information? :confused:

You dont have to rely on response.redirect fully. You should use If statement and only render(send info to the brwoser) data after duing the authentication.

e.g
Instead of
VB Code:
```
if (Authenticate(Username)) then
        'your sensetive info 1
else
       response.redirect "somepage.asp"
end if
 
'More sensetive info 2
 
'more sensetive info 3
```
VB Code:
```
if (Authenticate(Username)) then
        'your sensetive info 1
       
       'More sensetive info 2
 
        'more sensetive info 3
else
       response.redirect "somepage.asp"
end if
```
I hope i explained it well..
Oct 3rd, 2004, 09:04 PM
invitro

Yeah you did. That is what i have been doing in some areas, but Response.Redirect just seems so much more appealing.

Thanks though! I will prob do it your way.