This content has been marked as final. Show 5 replies
In the page you want to "protect", check to see if the HTTP_REFERER is the frameset page. If not, you can abort, CFLOCATION to the frameset page, etc. See concept code below.
Thanks so much for the response. It works great.
You realize, of course, that people can prevent http referal info from being provided. If they try to access your page the way it was intended, through the frameset it won't work.
Another alternative is to add a url variable to your hyperlink and check for it in report.cfm.
The report.cfm page does use a URL variable being passed from the frameset. ( http://xxx/report.cfm?ID=#ID#).
Certain users are using that page directly and bypassing the main index.cfm page that has all the frames.
Therefore we need a way to ensure that report.cfm page does not load as a standalone page and is always part of the frameset.