Hi Alex, Tom,

Thanks for the suggestion. I didn't find the time to implement this just yet, but it think this is exactly what I am after. I won't be using this for security, just for the case mentioned by Alex.
 

Best, Robin

-----Original message-----
From: Alessandro Vernet <[hidden email]>
Sent: Fri 05-03-2010 04:45
To: [hidden email];
Subject: [ops-users] Re: Limiting access to a page using the PFC?

Robin,

I think Tom suggests to use the request generator in the target page
to see if the user indeed comes from the source page you expected (the
Referer header will tell you that). This is reasonable if you just
want to catch users who bookmarked a page by mistake, but you don't
want to rely on this for security as users could fake that header.

Alex

On Wed, Mar 3, 2010 at 1:09 PM, Robin Diederen <[hidden email]> wrote:

> Hello all,
>
>
>
> We use the redirection function of the Orbeon PFC to redirect users after
> doing a succesful submission (to display some message regarding the
> submission).x
>
>
>
> This mechanism works just fine, but now we want to limit the reachability of
> the pages users are redirected to. We want these pages to reachable, if and
> only if, the user is sent there after doing a submission. Currently it's
> perfectly possible to access these pages by entering their URL.
>
>
>
> Can this be done easily with the PFC?
>
>
>
> Best, Robin
>
>
>
> --
> You receive this message as a subscriber of the [hidden email] mailing
> list.
> To unsubscribe: mailto:[hidden email]
> For general help: mailto:[hidden email]?subject=help
> OW2 mailing lists service home page: http://www.ow2.org/wws
>
>

--
Orbeon Forms - Web forms, open-source, for the Enterprise -
http://www.orbeon.com/
My Twitter: http://twitter.com/avernet