I need to prevent bookmarking of any page in a framed site. The first page is non-framed logon page that asks for a password. The database is queried then if the password is correct. it loads a framed site with one domain in the top frame and another in the bottom frame. I noticed that when using 2 domins like this, it is possible to bookmark any or all of the pages in the bottom frame.
Is there a way to prevent these pages from being bookmarked? I need to direct the users to the original logon page if they try to load from a bookmark.
Unfortunatley, I don't have control over the domain in the bottom frame.
If you mean can you stop a user directly book marking content in the bottom frame, where that frame is pointing to another site (which has chosen to make the content publically accessible) then no.
You only have full control over your own site - if they attempted to bookmark a "secure" section of your site then you could force them to re-authenticate and/or re-frame them.
However since they are accessing another site it's up to *that* site to handle what happens when a user returns to their pages.
You could try to disable features using client side script but in the same way that my ability to view source can never really be disabled there is no way to stop me going directly to a piece of publically available content on the web.
The moment you link to public content I by definition know where it lives.
|too much information|
Actually, I have a page which includes <iframes> that load images (mainly to disguise their true locations) and when you try to bookmark the page I redirect you to Yahoo.com or wherever looks good that day.
So far my trick only works for IE and it is written in ASP, but the USER_AGENT string in IE when you make a page 'available offline' contains the string 'MSIECrawler'. So if this string is in your USER_AGENT and you try to view my site, zoom.. you are off to somewhere else for the bookmark, and back again when your browser is done. (I would love to see someone's face when they go to check the bookmark offline) Plus about 90% of my viewers are using IE so I havn't tried to expand to other browsers.
I'm not blocking my source, I don't care if you want to see my source code, but I don't want you do download my entire site. I know someone will think this is dumb, but I had fun testing it out. ;)
|So far my trick only works for IE and it is written in ASP, but the USER_AGENT string in IE when you make a page 'available offline' contains the string 'MSIECrawler'. So if this string is in your USER_AGENT and you try to view my site, zoom.. you are off to somewhere else for the bookmark, and back again when your browser is done. (I would love to see someone's face when they go to check the bookmark offline) Plus about 90% of my viewers are using IE so I havn't tried to expand to other browsers. |
That's not bookmarking - that's making something available offline. If you were using IE they call bookmarks "favourites".
I block MSIECrawlers too for what it's worth, but to be honest I don't think many people use the "make available offline" feature to capture entire sites - WGET and similar products are far more efficient and much slicker.
|too much information|
Oh, sorry, I misunderstood the problem.
How about using Session variables to check to see if someone is logged on? For example, set a session cookie to some value like their username when they login in. It will time out after 20 min. of inactivity or when they leave the site.
They could bookmark the page but if they try to use the bookmark you could refer them back to your homepage if the Session variable is not set.
Also try blocking the right click to keep people from bookmarking the frame content since it is not on your site.
|How about using Session variables to check to see if someone is logged on? For example, set a session cookie to some value like their username when they login in. It will time out after 20 min. of inactivity or when they leave the site. |
I think the problem with that idea is that the bottom frame in his case is not something he controls the code on, if I am reading that correctly. With that my suggestion:
It'd be a pain to do this but if you are dead set on it... You could use an http get in the bottom frame, I think PHP and ASP can both do this; I am a cold fusion guy myself. Then parse the page and modify all the links, and add in your own session varialbe and such. In effect you would be serving that page to them and could control their book marking ability, ect. On top of the added control if they bookmarked the page it would be bookmarking the page on your website that is fetching the external page not the external page itself. This may not be realistic honestly but itís all I could come up with off the top of my head.
[edit-just thought of an example you might look:bablefish's web page translator you can get to it through altavista.com can't recall the link off the top of my head]
[edited by: Wild_Cujo at 6:51 pm (utc) on July 1, 2003]
As I stated , "I don't have control over the domain in the bottom frame." That would pretty much leave the cookies out. The bottom frame is loaded from a company that is doing our DAM. We would like our clients to be able to have a customized site loading fonts, colors, logos, etc from the db. We have already built most of this along with menuing. I am just trying to figure a way to stop bookmarking. I am almost there. If I load the bottom frame to a page that redirects, only the top frame is bookmarked. That's okay BUT it seems on Netscape for the MAC, it bookmarks the bottom frame. I tested this on both browsers and both platforms. It has me stumped.
Unfortunately, since most of the clients using the system are graphic and pre-press houses, they pretty much stick with the MAC.
Thanks for your help anyway -- good ideas--
|As I stated , "I don't have control over the domain in the bottom frame." |
If you are referring to my post (we posted near the same time so you may not have seen it). I was trying to give you a way to "take control" of that bottom frame.
Nice idea but it all comes down to whether the 2nd site likes the idea or not. If they don't and you annoy them you've just lost a feature of your site!
If you said to me;
|Hey we'd like to throw you traffic but it'll be a in a frame |
I'd happily accept it, no problem.
However if you said;
|I'd like to programmatically get a copy of your content any time one of my users wants it so I can pass it off as my own content |
I'd carefully consider if you were paying me or more subtle details were involved, before telling you where to stick your offer and deny any requests coming from your IPs just on the off-chance you decided to try it despite my comments.
I'm nice like that - and believe it or not I'm not all that aggressive with my blocking.
Not sure where you got the idea I was saying, or what I suggested, would imply you wanted to pass of the content as your own that was not my intent, those are your words. My suggestion simply allows you to control what the user does since all the links are controled by your server at that point. No one seems to have a problem with babblefish doing this but that might be b/c it is a translator and not just another website. I would assume as long as it is clearly marked where that content is coming from they should not have a problem with it. The only things that would be different in the website are the links which would read something like "redirect.cfm?webcontent=http://www.someplace.com/stuff.htm" and the current page url which right now your visitors don't see anyways b/c it is in a frame.
[edit- sorry if that came off rude sounding didn't mean for it to have that conotation. When I re-read it, it kind of sounded that way to me afterwards.]
Actually, The site loaded in the bottom frame does not mind any progamming done on our end. We pay them oodles for their service and their admin front end allows us some control over logos and style. The problem is that my boss wants it even more customized then what their front end will allow.
The bottom framed site actually has many clients, some ours, others not. All the variables are loaded at login. We are trying to add a top frame so we can allow our customized help files and other links for the benefit of our personal clients.
I may have to allow the bookmarking of the pages. As I said, I have found workarounds for everything except for Netscape on the MAC.