Last post Jun 12, 2013 06:40 AM by sandy060583
Jun 11, 2013 01:44 PM|sheraz_aries|LINK
Jun 11, 2013 02:25 PM|joshj|LINK
The name of the domain that a rest client is running on is not passed with the request to the server, the closest thing is probably the user-agent or referer. However, there is no guarantee that your rest service is being called from a website. It could
also be called from a desktop application.
Perhaps you could add a required parameter to the rest methods intended to help identify the calling entity.
Jun 11, 2013 04:12 PM|sheraz_aries|LINK
Jun 11, 2013 04:40 PM|joshj|LINK
You want to protect it from being called from unauthorized domains but you are already certain it is only going to be called from .aspx pages. Those two logical points disagree with each other. You already claim certainty about where the requests are coming
from yet your original post is looking for safeguard against unauthorized access. So which is it, you know with certainty where all requests are coming from or not?
Seriously, just implement some authentication and ignore where the request is coming from.
Jun 11, 2013 05:15 PM|sheraz_aries|LINK
When i say that it would comes from aspx means the request can be made from different domains like
www.ddd.com, www.fff.com while i want to respond to the calls that comes from a specifc domain ( http://www.xyz.com ) thats the reason i am trying to get the
calling domain name within the wcf service so that i can restric the output.
Jun 12, 2013 06:40 AM|sandy060583|LINK
Did you tried - this.Request.UserHostName ??