We would like to redirect using XSLT server side depending on the users IP address. This is a simple access restriction that does not use logged on members or simple security.
We have a method of checking the users IP address against a list of allowed IP addresses and filters for a page or one its ancestors and JavaScript client side redirection that works. However client side redirection is not secure in the way we would like it.
I am thinking this might be achievable by using a template called 'checkclientaccess' that the existing master template inherits from and decides how to implement the TEMPLATELOAD_CHILD/> macro.
[/code]
(note: Code is done on the top of my head, not tested at all)
Although the redirect itself is client side, the check is done server side and the redirect is only shown in the output if the visitor comes from a "secure" location.
This would be the easiest and simplest way to do it. Otherwise you'd have to write a UserControl or some sort of XSLT redirect extension.
If you are using v4 then you can do inline C# in the template and do the redirection that way. The issue with javascript redirection is if browser has it turned off then you wont get redirection.
Yes Ismail you are correct I need to do this at the server not the browser because people can get round this but we are not on v4 yet. we will make another control
Can be done in the xslt using inline server code.
For referance here is the code. Requires a doc type
1) Macro needs to be in the template header
2) Example below is more complex than it needs to be as it uses a method we use for applying settings to content pages and content node trees but alows us to restrict editor access to those pages (this requires several special doc types that are not pages just settings place holders..) basicaly the affectingIPGroups is an xml list of IP addresses that can access the page if it is protected.
[code]
Server side XSLT redirection
We would like to redirect using XSLT server side depending on the users IP address. This is a simple access restriction that does not use logged on members or simple security.
We have a method of checking the users IP address against a list of allowed IP addresses and filters for a page or one its ancestors and JavaScript client side redirection that works. However client side redirection is not secure in the way we would like it.
I am thinking this might be achievable by using a template called 'checkclientaccess' that the existing master template inherits from and decides how to implement the TEMPLATELOAD_CHILD/> macro.
Any ideas would be much help.
How about a combination of server and client side redirecting?
Something like this:
[code]
[/code]
(note: Code is done on the top of my head, not tested at all)
Although the redirect itself is client side, the check is done server side and the redirect is only shown in the output if the visitor comes from a "secure" location.
This would be the easiest and simplest way to do it. Otherwise you'd have to write a UserControl or some sort of XSLT redirect extension.
/SoerenS
Guys,
If you are using v4 then you can do inline C# in the template and do the redirection that way. The issue with javascript redirection is if browser has it turned off then you wont get redirection.
[code]
<script runat="server"><br /> void Page_Load(object sender, System.EventArgs ea) {<br /> <br /> //test and redirect here<br /> <br /> }<br /> </script>[/code]
Regards
Ismail
Yes Ismail you are correct I need to do this at the server not the browser because people can get round this but we are not on v4 yet. we will make another control
ha ha got it.
Can be done in the xslt using inline server code.
For referance here is the code. Requires a doc type
1) Macro needs to be in the template header
2) Example below is more complex than it needs to be as it uses a method we use for applying settings to content pages and content node trees but alows us to restrict editor access to those pages (this requires several special doc types that are not pages just settings place holders..) basicaly the affectingIPGroups is an xml list of IP addresses that can access the page if it is protected.
[code]
version="1.0"
xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
xmlns:msxsl="urn:schemas-microsoft-com:xslt"
xmlns:vb="urn:the-xml-files:xslt-vb"
xmlns:umbraco.library="urn:umbraco.library"
exclude-result-prefixes="umbraco.library">
[/code]
i clicked solve on the wrong post never mind have some karma
Is there a C# version instead of VB?
is working on a reply...