Ask the Expert

More info about $DefaultNav

I have a question. How can you avoid going to the defaultnavigator page on Web by using the following url:

http://www.website.com/db.nsf/$defaultnav/?opennavigator

I tried to redirect the url using mapping the url by creating a url mapping/redirecting. It is not working properly. How do I go about it? An explanation with an example would be of great help.


This topic has come up before, but it turns out to be fairly difficult to cover all the possible ways that someone might exploit this problem. Here is some additional info, the first from a reader of my www.DominoSecurity.org Web site, and the second from a DominoPower techtip.

Chuck Connell
http://www.chc-3.com


From Darren Davison...

On Unix / Linux platforms however, the URL re-directions are case-sensitive so in order to avoid having to create 2^10 documents to cover the above wildcarded example, you have to be even more circumspect. We simply use the following on our Linux servers.

"/*/$d*" and "/*/$D*"


by Dan Velasco, Senior Technical Editor (dvelasco@dominopower.com)

While I've seen this technique described in tips before, one thing that's not always mentioned is the fact that there are five different ways for a person to use the $DefaultNav command to open a database on your server. All of the following URLs will do the job:

1) /servername/dbname.nsf/$DefaultNav
2) /servername/dbname.nsf/$DefaultNav?Open
3) /servername/dbname.nsf/$DefaultNav!Open
4) /servername/dbname.nsf/$DefaultNav?OpenNavigator
5) /servername/dbname.nsf/$DefaultNav!OpenNavigator

Therefore, in order to do effectively thwart people from using the $DefaultNav URL command on your Domino databases, you'll have to create two Redirection URL documents on the server to account for all of these variations.

To create a URL redirection document, open the Domino Directory, go to the Servers view, and select the server you want to create the redirection for. On the Actions bar, click the Web button and choose "Create URL Mapping/Redirection". Follow the guide below to fill out the information on this document:

Basics tab:
What do you want to set up?: URL-->Redirection URL

Site Information Tab:
Leave this blank, unless you are working with a specific virtual server.

Mapping Tab:
Incoming URL path: */*.nsf/$DefaultNav
Redirection URL string: http://yoursitename.com

Save and close the redirection document. You can view it in the Web Configurations View of the Domino Directory. Create a second redirection document the same as above except using "*/*.nsf/$DefaultNav*" as the Incoming URL path.

You should see something such as the following when you view your Web Configurations:

Redirection URL-->URL for (*/*.nsf/$DefaultNav-->http://yoursitename.com)
Redirection URL-->URL for (*/*.nsf/$DefaultNav*-->http://yoursitename.com)


This was first published in October 2001

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: