Dear Telerik-Team,
in my scenario, I show an aspx page inside a RadWindow in order to update an item of a radgrid. I got the code from your demo located at: http://demos.telerik.com/aspnet-ajax/controls/examples/integration/gridandwindow/defaultcs.aspx?product=window .
Everything works fine for me but I want to ensure that my aspx-form is only accessible if it is inside the Window. In the current scenario a user could have found out that the page "behind" the window he is shown when he updates an item inside the grid is "myupdateform.aspx" and has a QueryString passed in order to load specific data.
Can I avoid that and ensure that the aspx-page cannot be called directly?
Can I somehow get a reference to the window that contains my form "myupdateform.aspx" and see if it is null (the user has typed the URL directly into the browser without clicking on an item inside the grid) or not null (he has called the window by double clicking an item in the grid?
Do you have an approach for me?
Kind regards,
Marco
in my scenario, I show an aspx page inside a RadWindow in order to update an item of a radgrid. I got the code from your demo located at: http://demos.telerik.com/aspnet-ajax/controls/examples/integration/gridandwindow/defaultcs.aspx?product=window .
Everything works fine for me but I want to ensure that my aspx-form is only accessible if it is inside the Window. In the current scenario a user could have found out that the page "behind" the window he is shown when he updates an item inside the grid is "myupdateform.aspx" and has a QueryString passed in order to load specific data.
Can I avoid that and ensure that the aspx-page cannot be called directly?
Can I somehow get a reference to the window that contains my form "myupdateform.aspx" and see if it is null (the user has typed the URL directly into the browser without clicking on an item inside the grid) or not null (he has called the window by double clicking an item in the grid?
Do you have an approach for me?
Kind regards,
Marco