I would like to be able to do what I have done below in my JSP to prevent someone from book marking the page and then being able to access it without logging in. This works fine as long as I use the absolute path of the URL. Unfortunetly I can not use the absolute path. I can only use the name of the JSP as in First.jsp instead of
http://Project... How can I do the same as I am below but without using the absolute path?
<%
if (request.getHeader("referer").compareToIgnoreCase("http://Project/First.jsp") == 0 | |
request.getHeader("referer").compareToIgnoreCase("http://Project/Second.jsp") == 0 | |
request.getHeader("referer").compareToIgnoreCase("http://Project/Third.jsp") == 0 | |
request.getHeader("referer").compareToIgnoreCase("http://Project/Fourth.jsp") == 0 | |
request.getHeader("referer").compareToIgnoreCase("http://Project.Fifth.jsp") == 0)
{
%>
{
<<THE JSP I WANT TO DISPLAY>>
}
<%
}
else
{
%>
<script language = javascript>
location.href="adminlogin.jsp";
</script>
<%
}
%>