29 Replies Latest reply on Feb 29, 2016 11:29 AM by 2Charlie

    Is it possible to manually set HTTP_REFERER?

    2Charlie Level 1

      Does anyone if it is possible to manually set the CGI.HTTP_REFERER? If so, how do I accomplish it?

        • 1. Re: Is it possible to manually set HTTP_REFERER?
          Carl Von Stetten Adobe Community Professional & MVP

          Why would you want to do that?  The variable is based on what the web server forwards to ColdFusion.  Why would you need to alter it?

          • 2. Re: Is it possible to manually set HTTP_REFERER?
            2Charlie Level 1

            Here's the problem.

            1. User enter the search word and click enter
            2. The search page shows the result on the page with links
            3. The user clicks on the link to see the details page
            4. The details page requires authentication
            5. It redirects the user to the authentication page. At this page in the custom_application.cfm page, it shows the HTTP_REFERER;  https://devbox.mysite.com/search/?search=calendar
            6. The user authenticated and then it comes back to the https://devbox.mysite.com/search/?search=calendar page instead of to the https://devbox.mysite.com/kb/article/calendar page, which is the link that the user clicked and wants to go there.

            That is the problem. If you can help find a better solution, that'll be great. Thanks for the response though.

            • 3. Re: Is it possible to manually set HTTP_REFERER?
              Carl Von Stetten Adobe Community Professional & MVP

              If you don't want to authenticate the user at the outset rather than when they click a details link (and what happens if they go back to the results and click a different link - do they have to authenticate again?), then store the link URL in a session or client variable and then navigate to the value in the session variable after authentication.  If you go the client variable route, make sure to use cookies (or alternatively database) rather than registry.


              Don't mess with HTTP_REFERER - that is how you tell where the user **actually** came from.

              • 4. Re: Is it possible to manually set HTTP_REFERER?
                2Charlie Level 1

                That answers my question but has not resolved my issue yet. I will check if the user is logged in or not. If it's logged in already then the details page will just show without prompting the user to authenticate again. My main problem is, ColdFusion is not redirecting to the target page or the page that's part of the link. It redirects back to the page where it was originally from instead and I couldn't figure how to resolve this issue. Thus, I thought I could change the http_referer.

                • 5. Re: Is it possible to manually set HTTP_REFERER?
                  Carl Von Stetten Adobe Community Professional & MVP

                  How are you performing the redirect?  <cflocation>?

                  • 6. Re: Is it possible to manually set HTTP_REFERER?
                    2Charlie Level 1

                    Yes. Here are part of my authentication code. We are using Shibboleth authentication.

                     

                    In my custom-applicaton.cfm file.

                    <cfif not StructKeyExists(session, "preAuthUrl")>

                      <cfparam name="Session.preAuthUrl" default="http://#cgi.server_name##cgi.script_name#">

                    </cfif>

                     

                     

                    <cfif cgi.query_string contains "login=1">

                      <cfif not cgi.query_string contains "forcelogin=1">

                      <cfset session.preauthurl="#cgi.http_referer#">

                      <cflocation url="#request.author_url#/authenticate.cfm" addtoken="no">

                      <cfelse>

                      <cflocation url="#request.author_url#/authenticate.cfm" addtoken="no">

                      </cfif>

                    </cfif>

                     

                    And here's the code in the authentication.cfm file.

                     

                    <cfif session.user.LICENSEDCONTRIBUTOR eq 0>

                      <cftry>

                      <CFLOCK SCOPE="Session" TYPE="Exclusive" TIMEOUT="5" THROWONTIMEOUT="Yes">

                      <cfquery DATASOURCE="#session.user.USERSDATASOURCE#" NAME="updateContributor">

                        UPDATE Users

                        SET LicensedContributor = '1'

                        WHERE ID = #session.user.id#

                      </cfquery>

                      <cfset session.user.LicensedContributor = "1">

                      </CFLOCK>

                      <cfcatch>

                      <cfoutput>Error in /authenticate.cfm: An error occurred while trying to log in. Please try again.</cfoutput>

                      </cfcatch>

                      </cftry>

                      </cfif>

                     

                      <cflog text="preAuthUrl-#count#: #session.preAuthUrl#" type="Information" file="Authentication">

                      <!---we are now logged in, so redirect somewhere--->

                      <cfif session.preAuthUrl eq "">

                      <!---not sure where we came from, so redirect to the homepage--->

                      <cflocation url="/" addtoken="no">

                      <cfelse>

                      <cfif session.preAuthUrl contains "login=1">

                      <cfif tmp eq "">

                      <cflocation url="/" addtoken="no">

                      <cfelse>

                      <cflocation url="#tmp#" addtoken="no">

                      </cfif>

                      <cfelse>

                      <cfset tmp=ReReplace(session.preAuthUrl, "^.+\.mysite\.com", "")>

                      <cflog text="final URL: #request.author_url##tmp#" type="Information" file="Authentication">

                      <cflocation url="#request.author_url##tmp#" addtoken="no">

                      </cfif>

                      </cfif>

                    </cfif>

                     

                     

                    <!---go back to wherever we came from--->

                    <cflocation url="#cgi.http_referer#" addtoken="no">

                    • 7. Re: Is it possible to manually set HTTP_REFERER?
                      2Charlie Level 1

                      The way our CommonSpot CMS work is that every time you access a page, the custom_application.cfm gets fired first. Therefore, the preauthURL session variable gets set correctly the first time when the user click the hyperlink from the search-result page. However, when the user got authenticated and finally landed on the target page, the custom_application.cfm gets called/fired again and this time the Http_referer and preauthURL is incorrect because it was referring to the last page, which is our shibboleth authentication page. And this is where I couldn't figure out.

                      • 8. Re: Is it possible to manually set HTTP_REFERER?
                        Carl Von Stetten Adobe Community Professional & MVP

                        You need to stop grabbing HTTP_Referer for your ultimate redirect location.  As I said in an earlier response, grab the URL (that would be the CGI.path_info combined with CGI.query_string) before you redirect to the authentication page.  Then after you have authenticated the user, redirect to your stored URL.

                        • 9. Re: Is it possible to manually set HTTP_REFERER?
                          2Charlie Level 1

                          Here's my current custom_application.cfm file. I do not use http_referer and it goes into a loop.

                           

                          <cfif cgi.query_string contains "login=1">

                             <cfif not cgi.query_string contains "forcelogin=1">

                                <cflog text="SERVER_NAME: #cgi.SERVER_NAME#" type="Information" file="Authentication">

                                <cflog text="PATH_INFO: #cgi.PATH_INFO#" type="Information" file="Authentication">

                                <cflog text="PATH_TRANSLATED: #cgi.PATH_TRANSLATED#" type="Information" file="Authentication">

                                <cflog text="SCRIPT_NAME: #cgi.SCRIPT_NAME#" type="Information" file="Authentication">

                                <cflog text="QUERY_STRING: #cgi.QUERY_STRING#" type="Information" file="Authentication">

                                <cflog text="REMOTE_HOST: #cgi.REMOTE_HOST#" type="Information" file="Authentication">

                                <cfif cgi.http_referer contains "search/?search=">

                                <cflog text="cgi.http_referer contains: #cgi.http_referer#" type="Information" file="Authentication">

                                <cfset tmp=ReReplace(cgi.http_referer, "^.+\.mysite\.com", "")>

                                <cfset scriptName=ReReplace(cgi.script_name, "^index.cfm\.+", "")>

                                <cflog text="scriptName: #scriptName#" type="Information" file="Authentication">

                                <!---<cfset qryString=ReReplace(#tmp#, "/search/?search=", "")>--->

                                <cfscript>

                                   qryString = replace(#tmp#, "/search/?search=", "", "All");

                                </cfscript>

                                <cflog text="qryString: #qryString#" type="Information" file="Authentication">

                                <cfset session.preauthurl="#request.author_url#/kb/article/#qryString#">

                                <cflog text="After cfset session.preauthurl: #request.author_url#/kb/article/#qryString#" type="Information" file="Authentication">

                                <cflocation url="#request.author_url#/authenticate.cfm" addtoken="no">

                                <cfelse>

                                <!---<cfset session.preauthurl="#cgi.http_referer#">--->

                                <cflog text="session.preauthurl-172: #session.preauthurl#" type="Information" file="Authentication">

                                <cflog text="cflocation url: #request.author_url#/authenticate.cfm" type="Information" file="Authentication">

                                <cflocation url="#request.author_url#/authenticate.cfm" addtoken="no">

                             </cfif>

                             <!---<cfset session.preauthurl="#cgi.http_referer#">

                                <cflocation url="#request.author_url#/authenticate.cfm" addtoken="no">--->

                             <cfelse>

                             <cflocation url="#request.author_url#/authenticate.cfm" addtoken="no">

                          </cfif>

                          </cfif>

                           

                          And here's my authenticate.cfm code:

                           

                          <!--- if this user is not marked as a "licensed contributor", mark them as such.--->

                          <cfif session.user.LICENSEDCONTRIBUTOR eq 0>

                             <cftry>

                                <CFLOCK SCOPE="Session" TYPE="Exclusive" TIMEOUT="5" THROWONTIMEOUT="Yes">

                                   <cfquery DATASOURCE="#session.user.USERSDATASOURCE#" NAME="updateContributor">

                                      UPDATE Users

                                      SET LicensedContributor = '1'

                                      WHERE ID = #session.user.id#

                                   </cfquery>

                                   <cfset session.user.LicensedContributor = "1">

                                </CFLOCK>

                                <cfcatch>

                                   <cfoutput>Error in /authenticate.cfm: An error occurred while trying to log in. Please try again.</cfoutput>

                                </cfcatch>

                             </cftry>

                          </cfif>

                          <cflog text="preAuthUrl-63: #session.preAuthUrl#" type="Information" file="Authentication">

                          <!---we are now logged in, so redirect somewhere--->

                          <cfif session.preAuthUrl eq "">

                             <!---not sure where we came from, so redirect to the homepage--->

                             <cflocation url="/" addtoken="no">

                             <cfelse>

                             <!---The tmp here will cause interna server error because it was not defined anywhere.--->

                             <cfset tmp=ReReplace(session.preAuthUrl, "^.+\.mysite\.com", "")>

                             <cfif session.preAuthUrl contains "login=1">

                                <cfif tmp eq "">

                                   <cflocation url="/" addtoken="no">

                                   <cfelse>

                                   <cflog text="tmp-75: #tmp#" type="Information" file="Authentication">

                                   <cflocation url="#tmp#" addtoken="no">

                                </cfif>

                                <cfelse>

                                <!---<cfset tmp=ReReplace(session.preAuthUrl, "^.+\.mysite\.com", "")>--->

                                <cflog text="final URL: #request.author_url##tmp#" type="Information" file="Authentication">

                                <cflocation url="#request.author_url##tmp#" addtoken="no">

                             </cfif>

                          </cfif>

                          </cfif>

                          <cflog text="http_referer: #cgi.http_referer#" type="Information" file="Authentication">

                          <!---go back to wherever we came from--->

                          <cflocation url="#cgi.http_referer#" addtoken="no">

                           

                          And here's the log:

                           

                          ========================This the first time hitting the custom-appliction==================================

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:41","SITE1","SERVER_NAME: devbox.mysite.com"

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:41","SITE1","PATH_INFO: "

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:41","SITE1","PATH_TRANSLATED: \\commonspotshare.mysite.com\commonspot$\DEVSITE\dev.mysite.com\kb\article\index.cfm"

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:41","SITE1","SCRIPT_NAME: /kb/article/index.cfm"

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:41","SITE1","QUERY_STRING: login=1"

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:41","SITE1","REMOTE_HOST: 10.34.3.251"

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:41","SITE1","cgi.http_referer contains: https://devbox.mysite.com/search/?search=calendar"

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:41","SITE1","scriptName: /kb/article/index.cfm"

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:41","SITE1","qryString: calendar"

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:41","SITE1","After cfset session.preauthurl: https://devbox.mysite.com/kb/article/calendar"

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:46","SITE1","preAuthUrl-63: https://devbox.mysite.com/kb/article/calendar"

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:46","SITE1","final URL: https://devbox.mysite.com/kb/article/calendar"

                          ----------------noticed that it ever gets to the "http_referer" log at the bottom which is the correct behavior------------------------------------------

                          ========================Now, it hits the target page of "calendar" and it launches the custom-appliction again=====================================================

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:46","SITE1","SERVER_NAME: devbox.mysite.com"

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:46","SITE1","PATH_INFO: "

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:46","SITE1","PATH_TRANSLATED: \\commonspotshare.mysite.com\commonspot$\DEVSITE\dev.mysite.com\kb\article\index.cfm"

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:46","SITE1","SCRIPT_NAME: /kb/article/index.cfm"

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:46","SITE1","QUERY_STRING: login=1"

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:46","SITE1","REMOTE_HOST: 10.34.3.251"

                          ---------------------Noticed the line below shows the target page correctly in session.preauthurl variable------------------------------------------

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:46","SITE1","session.preauthurl-172: https://devbox.mysite.com/kb/article/calendar"

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:46","SITE1","cflocation url: https://devbox.mysite.com/authenticate.cfm"

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:47","SITE1","preAuthUrl-63: https://devbox.mysite.com/kb/article/calendar"

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:47","SITE1","final URL: https://devbox.mysite.com/kb/article/calendar"

                          ----------------------Noticed the line above here (final URL) shows the correct target page--------------------------------------------------------

                          =======================But it never actually gets to the target page, it went back to the custom-appliction file again as shown below===================================

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:48","SITE1","SERVER_NAME: devbox.mysite.com"

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:48","SITE1","PATH_INFO: "

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:48","SITE1","PATH_TRANSLATED: \\commonspotshare.mysite.com\commonspot$\DEVSITE\dev.mysite.com\kb\article\index.cfm"

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:48","SITE1","SCRIPT_NAME: /kb/article/index.cfm"

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:48","SITE1","QUERY_STRING: login=1"

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:48","SITE1","REMOTE_HOST: 10.34.3.251"

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:48","SITE1","session.preauthurl-172: https://devbox.mysite.com/kb/article/calendar"

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:48","SITE1","cflocation url: https://devbox.mysite.com/authenticate.cfm"

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:48","SITE1","preAuthUrl-63: https://devbox.mysite.com/kb/article/calendar"

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:48","SITE1","final URL: https://devbox.mysite.com/kb/article/calendar"

                          =======================And again here,it launches the custom-appliction file again and go through a loop===============================================================

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:48","SITE1","SERVER_NAME: devbox.mysite.com"

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:48","SITE1","PATH_INFO: "

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:48","SITE1","PATH_TRANSLATED: \\commonspotshare.mysite.com\commonspot$\DEVSITE\dev.mysite.com\kb\article\index.cfm"

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:48","SITE1","SCRIPT_NAME: /kb/article/index.cfm"

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:48","SITE1","QUERY_STRING: login=1"

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:48","SITE1","REMOTE_HOST: 10.34.3.251"

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:48","SITE1","session.preauthurl-172: https://devbox.mysite.com/kb/article/calendar"

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:48","SITE1","cflocation url: https://devbox.mysite.com/authenticate.cfm"

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:49","SITE1","preAuthUrl-63: https://devbox.mysite.com/kb/article/calendar"

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:49","SITE1","final URL: https://devbox.mysite.com/kb/article/calendar"

                          =======================And again here,it launches the custom-appliction file again and go through a loop===============================================================

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:49","SITE1","SERVER_NAME: devbox.mysite.com"

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:49","SITE1","PATH_INFO: "

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:49","SITE1","PATH_TRANSLATED: \\commonspotshare.mysite.com\commonspot$\DEVSITE\dev.mysite.com\kb\article\index.cfm"

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:49","SITE1","SCRIPT_NAME: /kb/article/index.cfm"

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:49","SITE1","QUERY_STRING: login=1"

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:49","SITE1","REMOTE_HOST: 10.34.3.251"

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:49","SITE1","session.preauthurl-172: https://devbox.mysite.com/kb/article/calendar"

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:49","SITE1","cflocation url: https://devbox.mysite.com/authenticate.cfm"

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:49","SITE1","preAuthUrl-63: https://devbox.mysite.com/kb/article/calendar"

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:49","SITE1","final URL: https://devbox.mysite.com/kb/article/calendar"

                          =======================And again here,it launches the custom-appliction file again and go through a loop===============================================================

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:50","SITE1","SERVER_NAME: devbox.mysite.com"

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:50","SITE1","PATH_INFO: "

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:50","SITE1","PATH_TRANSLATED: \\commonspotshare.mysite.com\commonspot$\DEVSITE\dev.mysite.com\kb\article\index.cfm"

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:50","SITE1","SCRIPT_NAME: /kb/article/index.cfm"

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:50","SITE1","QUERY_STRING: login=1"

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:50","SITE1","REMOTE_HOST: 10.34.3.251"

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:50","SITE1","session.preauthurl-172: https://devbox.mysite.com/kb/article/calendar"

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:50","SITE1","cflocation url: https://devbox.mysite.com/authenticate.cfm"

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:50","SITE1","preAuthUrl-63: https://devbox.mysite.com/kb/article/calendar"

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:50","SITE1","final URL: https://devbox.mysite.com/kb/article/calendar"

                          =======================And again here,it launches the custom-appliction file again and go through a loop===============================================================

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:50","SITE1","SERVER_NAME: devbox.mysite.com"

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:50","SITE1","PATH_INFO: "

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:50","SITE1","PATH_TRANSLATED: \\commonspotshare.mysite.com\commonspot$\DEVSITE\dev.mysite.com\kb\article\index.cfm"

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:50","SITE1","SCRIPT_NAME: /kb/article/index.cfm"

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:50","SITE1","QUERY_STRING: login=1"

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:50","SITE1","REMOTE_HOST: 10.34.3.251"

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:50","SITE1","session.preauthurl-172: https://devbox.mysite.com/kb/article/calendar"

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:50","SITE1","cflocation url: https://devbox.mysite.com/authenticate.cfm"

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:51","SITE1","preAuthUrl-63: https://devbox.mysite.com/kb/article/calendar"

                          "Information","ajp-bio-8013-exec-7","02/25/16","12:17:51","SITE1","final URL: https://devbox.mysite.com/kb/article/calendar"

                          =========================And it finally quits in Firefox but in IE it keeps going forever====================================================================

                          • 10. Re: Is it possible to manually set HTTP_REFERER?
                            Carl Von Stetten Adobe Community Professional & MVP

                            Let me correct myself.  Starting with CF10, CGI.path_info no longer returns the URL of the current page - it only returns any additional info after the document name (e.g.: http://mysite.com/index.cfm/some_more_path_stuff/even_more_path_stuff, CGI.path_info would return "some_more_path_stuff/even_

                            more_path_stuff").  If you don't have additional path information following the document name, CGI.path_info will be blank.

                             

                            Instead, you can use this to get the entire URL of the current page: getPageContext().getRequest().getRequestURI()

                            • 11. Re: Is it possible to manually set HTTP_REFERER?
                              2Charlie Level 1

                              Here's a quick question. Why am I not getting the query_string value inside of this CFIF in my custom-application.cfm?

                               

                              <cfif not StructKeyExists(session, "queryString")>

                                <cfparam name="Session.queryString" default="#cgi.query_string#">

                                <cflog text="Session.queryString-112: #Session.queryString#" type="Information" file="Authentication">

                                <cflog text="cgi.query_string-113: #cgi.query_string#" type="Information" file="Authentication">

                                <!---<cfparam name="Session.queryString" default="#cgi.query_string#">--->

                              </cfif>

                              <cflog text="Session.queryString-120: #Session.queryString#" type="Information" file="Authentication">

                               

                              I put a log outside of this cfif and it will only show the query_string value after five times looping.Why is that?

                               

                              "Information","ajp-bio-8013-exec-10","02/25/16","14:15:31","SITE1","Session.queryString-11 2: "

                              "Information","ajp-bio-8013-exec-10","02/25/16","14:15:31","SITE1","cgi.query_string-113: "

                              "Information","ajp-bio-8013-exec-10","02/25/16","14:15:31","SITE1","Session.queryString-12 0: "

                              "Information","ajp-bio-8013-exec-10","02/25/16","14:15:31","SITE1","cgi.query_string-161: "

                              "Information","ajp-bio-8013-exec-10","02/25/16","14:15:36","SITE1","Session.queryString-12 0: "

                              "Information","ajp-bio-8013-exec-10","02/25/16","14:15:36","SITE1","cgi.query_string-161: search=calendar"

                              "Information","ajp-bio-8013-exec-10","02/25/16","14:15:37","SITE1","Session.queryString-12 0: "

                              "Information","ajp-bio-8013-exec-10","02/25/16","14:15:37","SITE1","cgi.query_string-161: proxyURL=https%3A%2F%2Fapp.kbarticle.com%2Fapi%2Fhead%2Fsuggest.json&name%5B%24regex%5D=c alendar"

                              "Information","ajp-bio-8013-exec-10","02/25/16","14:15:41","SITE1","Session.queryString-12 0: "

                              "Information","ajp-bio-8013-exec-10","02/25/16","14:15:41","SITE1","cgi.query_string-161: slug=calendar"

                              "Information","ajp-bio-8013-exec-10","02/25/16","14:15:41","SITE1","Session.queryString-12 0: "

                              "Information","ajp-bio-8013-exec-10","02/25/16","14:15:41","SITE1","cgi.query_string-161: login=1"

                              "Information","ajp-bio-8013-exec-10","02/25/16","14:15:41","SITE1","Session.queryString-12 0: "

                              "Information","ajp-bio-8013-exec-10","02/25/16","14:15:41","SITE1","cgi.query_string-161: login=1"

                              "Information","ajp-bio-8013-exec-10","02/25/16","14:15:42","SITE1","Session.queryString-12 0: "

                              "Information","ajp-bio-8013-exec-10","02/25/16","14:15:42","SITE1","cgi.query_string-161: login=1"

                              "Information","ajp-bio-8013-exec-10","02/25/16","14:15:42","SITE1","Session.queryString-12 0: "

                              "Information","ajp-bio-8013-exec-10","02/25/16","14:15:42","SITE1","cgi.query_string-161: login=1"

                              "Information","ajp-bio-8013-exec-10","02/25/16","14:15:42","SITE1","Session.queryString-12 0: "

                              "Information","ajp-bio-8013-exec-10","02/25/16","14:15:42","SITE1","cgi.query_string-161: login=1"

                              "Information","ajp-bio-8013-exec-10","02/25/16","14:15:42","SITE1","Session.queryString-12 0: "

                              "Information","ajp-bio-8013-exec-10","02/25/16","14:15:42","SITE1","cgi.query_string-161: login=1"

                              "Information","ajp-bio-8013-exec-10","02/25/16","14:15:43","SITE1","Session.queryString-12 0: "

                              "Information","ajp-bio-8013-exec-10","02/25/16","14:15:43","SITE1","cgi.query_string-161: login=1"

                              "Information","ajp-bio-8013-exec-10","02/25/16","14:15:43","SITE1","Session.queryString-12 0: "

                              "Information","ajp-bio-8013-exec-10","02/25/16","14:15:43","SITE1","cgi.query_string-161: login=1"

                              "Information","ajp-bio-8013-exec-10","02/25/16","14:15:43","SITE1","Session.queryString-12 0: "

                              "Information","ajp-bio-8013-exec-10","02/25/16","14:15:43","SITE1","cgi.query_string-161: login=1"

                              "Information","ajp-bio-8013-exec-10","02/25/16","14:15:43","SITE1","Session.queryString-12 0: "

                              "Information","ajp-bio-8013-exec-10","02/25/16","14:15:43","SITE1","cgi.query_string-161: login=1"

                              "Information","ajp-bio-8013-exec-10","02/25/16","14:15:43","SITE1","Session.queryString-12 0: "

                              "Information","ajp-bio-8013-exec-10","02/25/16","14:15:43","SITE1","cgi.query_string-161: login=1"

                              "Information","ajp-bio-8013-exec-10","02/25/16","14:15:44","SITE1","Session.queryString-12 0: "

                              "Information","ajp-bio-8013-exec-10","02/25/16","14:15:44","SITE1","cgi.query_string-161: login=1"

                              "Information","ajp-bio-8013-exec-10","02/25/16","14:15:44","SITE1","Session.queryString-12 0: "

                              "Information","ajp-bio-8013-exec-10","02/25/16","14:15:44","SITE1","cgi.query_string-161: login=1"

                              "Information","ajp-bio-8013-exec-10","02/25/16","14:15:44","SITE1","Session.queryString-12 0: "

                              "Information","ajp-bio-8013-exec-10","02/25/16","14:15:44","SITE1","cgi.query_string-161: login=1"

                              "Information","ajp-bio-8013-exec-10","02/25/16","14:15:44","SITE1","Session.queryString-12 0: "

                              "Information","ajp-bio-8013-exec-10","02/25/16","14:15:44","SITE1","cgi.query_string-161: login=1"

                              "Information","ajp-bio-8013-exec-10","02/25/16","14:15:44","SITE1","Session.queryString-12 0: "

                              "Information","ajp-bio-8013-exec-10","02/25/16","14:15:44","SITE1","cgi.query_string-161: login=1"

                              "Information","ajp-bio-8013-exec-10","02/25/16","14:15:45","SITE1","Session.queryString-12 0: "

                              "Information","ajp-bio-8013-exec-10","02/25/16","14:15:45","SITE1","cgi.query_string-161: login=1"

                              "Information","ajp-bio-8013-exec-10","02/25/16","14:15:45","SITE1","Session.queryString-12 0: "

                              "Information","ajp-bio-8013-exec-10","02/25/16","14:15:45","SITE1","cgi.query_string-161: login=1"

                              "Information","ajp-bio-8013-exec-10","02/25/16","14:15:45","SITE1","Session.queryString-12 0: "

                              "Information","ajp-bio-8013-exec-10","02/25/16","14:15:45","SITE1","cgi.query_string-161: login=1"

                              "Information","ajp-bio-8013-exec-10","02/25/16","14:15:45","SITE1","Session.queryString-12 0: "

                              "Information","ajp-bio-8013-exec-10","02/25/16","14:15:45","SITE1","cgi.query_string-161: login=1"

                              • 12. Re: Is it possible to manually set HTTP_REFERER?
                                2Charlie Level 1

                                This getPageContext().getRequest().getRequestURI() is giving me the same as script_name.

                                • 13. Re: Is it possible to manually set HTTP_REFERER?
                                  BKBK Adobe Community Professional & MVP

                                  2Charlie wrote:

                                   

                                  Here's the problem.

                                  1. User enter the search word and click enter
                                  2. The search page shows the result on the page with links
                                  3. The user clicks on the link to see the details page
                                  4. ...

                                  Then, on the details page, before the code that does the redirection, store the referrer as a session variable.

                                  • 14. Re: Is it possible to manually set HTTP_REFERER?
                                    2Charlie Level 1

                                    I think the problem is not that it's not getting the correct target page because I've make sure and verified that the target page URL is correct and it's still not returning to the correct page or error out. Perhaps my checking for is the user logged in or not is wrong and when it's fully authenticated, it's still not registered as logged in; therefore, it goes into a loop. So, what's a the proper way to check if the user is already logged in in ColdFusion? And once the user is authenticated, is there something in ColdFusion that I need to set so that in the details page, when it checks if the user is logged in or not, it has the correct value?

                                    • 15. Re: Is it possible to manually set HTTP_REFERER?
                                      BKBK Adobe Community Professional & MVP

                                      2Charlie wrote:

                                       

                                      I think the problem is not that it's not getting the correct target page because I've make sure and verified that the target page URL is correct and it's still not returning to the correct page

                                      The referrer may not be what you expect at each stage.

                                       

                                      1. The user clicks on the link to see the details page
                                      2. The details page requires authentication
                                      3. It redirects the user to the authentication page. At this page in the custom_application.cfm page, it shows the HTTP_REFERER;  https://devbox.mysite.com/search/?search=calendar
                                      4. The user authenticated and then it comes back to the https://devbox.mysite.com/search/?search=calendar page instead of to the https://devbox.mysite.com/kb/article/calendar page, which is the link that the user clicked and wants to go there.

                                      1. When the user clicks on the link to the details page, the referrer is NOT the details page. It is the current page, XXX, which may in fact be outside your website.

                                      2. If the details page redirects him to the authentication page, then the referrer may still be the starting page, XXX. Something like this

                                       

                                      XXX.cfm

                                      <a href="details.cfm">Details<\a>

                                       

                                      details.cfm

                                      <cflocation url="authentication.cfm" addtoken="no">

                                       

                                      That is, the referrer is actually the page on which the user clicks the link. You seem to interpret it as if it is the target of a link click.

                                       

                                      To make your target page available, you could just squeeze in a line that stores it in session scope, before the redirection, like this

                                       

                                      details.cfm

                                      <cfset session.targetpage =CGI.SCRIPT_NAME>

                                      <cflocation url="authentication.cfm" addtoken="no">

                                      • 16. Re: Is it possible to manually set HTTP_REFERER?
                                        2Charlie Level 1

                                        That is very helpful but, what's a the proper way to check if the user is already logged in in ColdFusion? And once the user is authenticated, is there something in ColdFusion that I need to set so that in the details page, when it checks if the user is logged in or not, it has the correct value? Is there a way to show/dump all the session variables?

                                        • 17. Re: Is it possible to manually set HTTP_REFERER?
                                          EddieLotter Level 3

                                          2Charlie wrote:

                                           

                                          is there something in ColdFusion that I need to set?

                                           

                                          Yes. Set a session variable or a client variable or a cookie or anything that persists from one request to the next.

                                          2Charlie wrote:

                                           

                                          Is there a way to show/dump all the session variables?

                                           

                                          <cfdump var="#session#">
                                          

                                          Cheers

                                          Eddie

                                          • 18. Re: Is it possible to manually set HTTP_REFERER?
                                            2Charlie Level 1

                                            How do I check if the session.loggedIn variable has been set or not? I kept getting a custom script module error when I do <cfif session.loggedIn eq "true">. I think this is because the session.loggedIn variable is not set and I already testing it. So, I need a way to test if it's already set or not. Do I do a <cfif StructKeyExists(session, "loggedIn")> and if it's already set, then do the testing if it's equal to "true"?

                                            • 19. Re: Is it possible to manually set HTTP_REFERER?
                                              EddieLotter Level 3

                                              2Charlie wrote:

                                              How do I check if the session.loggedIn variable has been set or not?

                                               

                                              <cfif isDefined("session.loggedIn") and (session.loggedIn)>
                                              

                                              Cheers

                                              Eddie

                                              • 20. Re: Is it possible to manually set HTTP_REFERER?
                                                2Charlie Level 1

                                                Okay, this is what I have and it kept giving me "Error in custom script module" on this line. I'm logging before and after this line of code and the log after this line is not executed. So looks like it quit after executing this line.

                                                 

                                                <cfif isDefined("session.mySiteShibboleth.isAuthenticated") and (session.mySiteShibboleth.isAuthenticated)>

                                                • 21. Re: Is it possible to manually set HTTP_REFERER?
                                                  EddieLotter Level 3

                                                  Try this:

                                                  <cfif structKeyExists(session.mySiteShibboleth, "isAuthenticated") and (session.mySiteShibboleth.isAuthenticated)>
                                                  

                                                   

                                                  Cheers

                                                  Eddie

                                                  • 22. Re: Is it possible to manually set HTTP_REFERER?
                                                    2Charlie Level 1

                                                    Same error. In my authenticted.cfm file, this is where the session is defined, I believed.

                                                     

                                                    <cfif cgiReferer eq shibboleth_url>

                                                      <cfscript>

                                                      session.mysiteShibboleth = StructNew();

                                                      session.mysiteShibboleth.username=REReplace(http_header.headers.eppn, "@mysite.com","","ALL");

                                                      session.mysiteShibboleth.mail=http_header.headers.eppn;

                                                      session.mysiteShibboleth.groups=ArrayToList(REMatch('WEB\.[A-Z.-]+', http_header.headers.member));

                                                      session.mysiteShibboleth.isAuthenticated="true";

                                                      </cfscript>

                                                    </cfif>

                                                    • 23. Re: Is it possible to manually set HTTP_REFERER?
                                                      EddieLotter Level 3

                                                      Have you determined whether or not that code is in fact getting executed?

                                                       

                                                      Cheers

                                                      Eddie

                                                      • 24. Re: Is it possible to manually set HTTP_REFERER?
                                                        2Charlie Level 1

                                                        This is the only code I have on the details page and I still get the same error. If I removed this code, the page loads fine.

                                                         

                                                        <cfif structKeyExists(session.mysiteShibboleth, "isAuthenticated") and (session.mysiteShibboleth.isAuthenticated) >

                                                          <cflog text="Session-Defined-5: isAuthenticated" type="Information" file="Authentication">

                                                        <cfelse>

                                                          <cflog text="Session-Defined-7: It's not authenticated'" type="Information" file="Authentication">

                                                        </cfif>

                                                        • 25. Re: Is it possible to manually set HTTP_REFERER?
                                                          EddieLotter Level 3

                                                          That's why I asked if you checked whether or not the code in authenticated.cfm is being executed. From your description, it appears it is not.

                                                           

                                                          Dump the session scope on the details page before you try to access the problem structure and see for yourself whether or not it exists.

                                                           

                                                          Cheers

                                                          Eddie

                                                          • 26. Re: Is it possible to manually set HTTP_REFERER?
                                                            2Charlie Level 1

                                                            Wasn't this <cfif structKeyExists(session.mysiteShibboleth, "isAuthenticated") and (session.mysiteShibboleth.isAuthenticated) > supposed to check if the code in the authenticate.cfm is executed or not? If it's not, should this statement be false instead of error out?

                                                            • 27. Re: Is it possible to manually set HTTP_REFERER?
                                                              2Charlie Level 1

                                                              Okay, so in the CommonSpot log, it has this exception error: Exception: Element MYSITESHIBBOLETH.ISAUTHENTICATED is undefined in SESSION.

                                                               

                                                              However, wasn't the <cfif IsDefined("session.mysiteShibboleth.isAuthenticated")> supposed to account for this error and prevent it from generating?

                                                              • 28. Re: Is it possible to manually set HTTP_REFERER?
                                                                BKBK Adobe Community Professional & MVP

                                                                2Charlie wrote:

                                                                 

                                                                Same error. In my authenticted.cfm file, this is where the session is defined, I believed.

                                                                 

                                                                <cfif cgiReferer eq shibboleth_url>

                                                                  <cfscript>

                                                                  session.mysiteShibboleth = StructNew();

                                                                  session.mysiteShibboleth.username=REReplace(http_header.headers.eppn, "@mysite.com","","ALL");

                                                                  session.mysiteShibboleth.mail=http_header.headers.eppn;

                                                                  session.mysiteShibboleth.groups=ArrayToList(REMatch('WEB\.[A-Z.-]+', http_header.headers.member));

                                                                  session.mysiteShibboleth.isAuthenticated="true";

                                                                  </cfscript>

                                                                </cfif>

                                                                The definition of the session variable should be unconditional. Hence,

                                                                 

                                                                <cfset session.mysiteShibboleth = StructNew()>

                                                                <cfif cgiReferer eq shibboleth_url>

                                                                  <cfscript>

                                                                  session.mysiteShibboleth.username=REReplace(http_header.headers.eppn, "@mysite.com","","ALL");

                                                                  session.mysiteShibboleth.mail=http_header.headers.eppn;

                                                                  session.mysiteShibboleth.groups=ArrayToList(REMatch('WEB\.[A-Z.-]+', http_header.headers.member));

                                                                  session.mysiteShibboleth.isAuthenticated="true";

                                                                  </cfscript>

                                                                </cfif>

                                                                • 29. Re: Is it possible to manually set HTTP_REFERER?
                                                                  2Charlie Level 1

                                                                  Many thanks for all the help. I got it working now. There is no issue with the <cfif IsDefined("session.mysiteShibboleth.isAuthenticated")>. It was a log in the <cfelse> that I tried to log the session variable that was not set and not exist. Thus, it throws the error.

                                                                   

                                                                  The initial issue about unable to redirect was resolved. The issue that it keeps looping was because the way I test if the user was logged in or not is wrong. Since I'm using CommonSpot CMS, it used their isLoggedIn API and it was not giving me the value I was looking for to test the user's authentication status. So, I set a session.mysiteShibboleth.isAuthenticated variable and checked for this on the details page. It now seems to work.