Hi folks,
I am trying to access the URL of the previous screen, but when I use "document.referrer" in my javascript I am getting empty value.
I am sharing an OAP below, please have a look and give suggestions.
FYI I used this thread as reference : https://www.outsystems.com/forums/discussion/77511/trying-to-get-the-previous-external-page-using-getreferrer/
Thanks AWL!
Hi Ashish,
In order to be able to use the document.referrer, you need to navigate directly to the screen, and not as a redirect via a client action. So in your case, the button properties would be like this:
Kind Regards,João
Hi Joao,
I tried what u suggested but It is still returning empty value.
You are right.
You can however, make easy use of a client variable to hold this value, for instance, the LastURL client variable to save the value of the current page, before you navigate:
This client variable will hold the URL of the page being processed (the Trail screen) before navigating to a new one (the One screen):
Hi @João Marques ,
Actually I want to figure why "document.referrer" is not giving value.
I get your solution but this workaround won't be able to solve my actual case(it's details can be found here)
https://www.outsystems.com/forums/discussion/88274/redirect-user-to-login-screen-if-it-tries-to-copy-url-and-try-to-open-it/
Please let me know if you have suggestions for this scenario.
That's a different question then. If you want to ensure security, you need to rely on the server side, everything on the client-side is not secure.
For these use cases, it is common to generate on the server side an OTP (One-Time Password) Token.
Basically, your screen has a token parameter which is validated against the database. Only if it is valid, the user will be able to proceed, otherwise it will be blocked (or in your case, redirected to the login).
Whenever the user clicks to navigate to that screen, you generate this token before redirecting the user. When reaching the page, you validate against the database, and, when valid, you delete it from the database, so it won't be re-used again.
This same strategy is used to access documents in a secure fashion as well, like suggested in this post.
we have around 48 screen and none of them should be accessed by copy pasting the URL, do u still think this is the best approach for this?
If you apply the good practices of code, you will encapsulate this logic in a way that you don't need to design it 48 times, but re-use it. You can, for instance, do this check on the layout used by the 48 screens and avoid doing the code 48 times.
Hmmm, Let me give it a try.
you said this,
"Whenever the user clicks to navigate to that screen, you generate this token before redirecting the user. " -----> This part I am implementing by adding an OnDestroy event in an layout that is being used by all screens.
"When reaching the page, you validate against the database " -----> This part how will I implement?? how will I pass the token to the new screen and validate it??
"you delete it from the database, so it won't be re-used again. " -----> If I implement second then this can be done with above part only.
Really appreciate any help.