[thelist] Redirect Javascript

Madhu Menon madhu at asiacontent.com
Thu Jul 20 00:58:49 CDT 2000


At 04:24 PM 7/19/00 -0500, aardvark wrote:
>as a result, i *try* to limit the response.redirect as much as
>possible in my ASP pages, and am actively hankering for the new
>transfer function in the win2k version of ASP...

It's important to remember that the Server.Transfer method can only 
transfer you to a page on the SAME site.
If your script was on www.foo.com/redirect.asp, you wouldn't be able to 
redirect the user to www.foobar.com

That said, Server.Transfer lets you retain form variables (but not 
variables with page scope), so that's pretty cool.

<tip type="ASP 3.0" author="Madhu Menon">

ASP 3.0 introduces a new method called Server.Execute
Essentially, it lets you execute a block of code from within your pages. 
The code could be from anywhere. For example, you could open up an ASP file 
from within your script, and execute the code in it. You couldn't do this 
in ASP 2.0

Just remember not to execute anything that you get (or could get) from a 
Query String; at least not without running some pretty strict checks on it. 
If you don't, you risk opening up BIG security holes on your web site. A 
malicious person with knowledge of the script could pass some crap as a 
query string, and your script will execute it. You don't want this 
happening, amigo.

</tip>


Madhu



<<<   *   >>>
Madhu Menon
Webmaster, India.CNET.com
http://India.CNET.com
The source for computers and technology






More information about the thelist mailing list