In general, you don't. A common method to ensure it comes from a web page is Cross Site Request Forgery (CSRF) protection, which you'll probably want to look up if you're interested. In short, it uses a hidden form field sent with the data, and usually duplicated in a cookie. When you submit the form, the hidden field data and the cookie data are compared, if they match it can be assumed you posted via the web page.

Sorry if that's not what you were asking, and note there are lots of different ways to do this, that's just one example.