Q

More info about $DefaultNav

I have a question. How can you avoid going to the defaultnavigator page on Web by using the following url:

http://www.website.com/db.nsf/$defaultnav/?opennavigator

I tried to redirect the url using mapping the url by creating a url mapping/redirecting. It is not working properly. How do I go about it? An explanation with an example would be of great help.


This topic has come up before, but it turns out to be fairly difficult to cover all the possible ways that someone might exploit this problem. Here is some additional info, the first from a reader of my www.DominoSecurity.org Web site, and the second from a DominoPower techtip.

Chuck Connell
http://www.chc-3.com


From Darren Davison...

On Unix / Linux platforms however, the URL re-directions are case-sensitive so in order to avoid having to create 2^10 documents to cover the above wildcarded example, you have to be even more circumspect. We simply use the following on our Linux servers.

"/*/$d*" and "/*/$D*"


by Dan Velasco, Senior Technical Editor (dvelasco@dominopower.com)

While I've seen this technique described in tips before, one thing that's not always mentioned is the fact that there are five different ways for a person to use the $DefaultNav command to open a database on your server. All of the following URLs will do the job:

1) /servername/dbname.nsf/$DefaultNav
2) /servername/dbname.nsf/$DefaultNav?Open
3) /servername/dbname.nsf/$DefaultNav!Open
4) /servername/dbname.nsf/$DefaultNav?OpenNavigator
5) /servername/dbname.nsf/$DefaultNav!OpenNavigator

Therefore, in order to do effectively thwart people from using the $DefaultNav URL command on your Domino databases, you'll have to create two Redirection URL documents on the server to account for all of these variations.

To create a URL redirection document, open the Domino Directory, go to the Servers view, and select the server you want to create the redirection for. On the Actions bar, click the Web button and choose "Create URL Mapping/Redirection". Follow the guide below to fill out the information on this document:

Basics tab:
What do you want to set up?: URL-->Redirection URL

Site Information Tab:
Leave this blank, unless you are working with a specific virtual server.

Mapping Tab:
Incoming URL path: */*.nsf/$DefaultNav
Redirection URL string: http://yoursitename.com

Save and close the redirection document. You can view it in the Web Configurations View of the Domino Directory. Create a second redirection document the same as above except using "*/*.nsf/$DefaultNav*" as the Incoming URL path.

You should see something such as the following when you view your Web Configurations:

Redirection URL-->URL for (*/*.nsf/$DefaultNav-->http://yoursitename.com)
Redirection URL-->URL for (*/*.nsf/$DefaultNav*-->http://yoursitename.com)


This was first published in October 2001

Dig deeper on Domino Resources - Part 5

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchWinIT

Search400

  • iSeries tutorials

    Search400.com's tutorials provide in-depth information on the iSeries. Our iSeries tutorials address areas you need to know about...

  • V6R1 upgrade planning checklist

    When upgrading to V6R1, make sure your software will be supported, your programs will function and the correct PTFs have been ...

  • Connecting multiple iSeries systems through DDM

    Working with databases over multiple iSeries systems can be simple when remotely connecting logical partitions with distributed ...

SearchEnterpriseLinux

SearchVirtualDataCentre.co.uk

Close