Re: [WebDNA] Can I do something with webdna to pass-protect an

This WebDNA talk-list message is from

2009


It keeps the original formatting.
numero = 103434
interpreted = N
texte = Put the file(s) in globals and [include] them only upon successful login. A further protection (which I got from the archives) would be to serve th= em via [returnraw] --=20 half-ass tested by me, seems to work on Windows XP Home; no promises othe= rwise: [text]theFullPathtoFile=3D^path/to/your/file/in/globals/theFile.swf[/text= ] [text]theFileName=3DtheFile.swf[/text] [text]line_ending=3D%0D%0A[/text] [ReturnRaw binarybody=3D[theFullPathtoFile]][!] [/!]HTTP/1.0 200 OK[unurl][line_ending][/unurl][!] [/!]Status: 200[unurl][line_ending][/unurl][!] [/!]Content-Type: application/octet-stream[unurl][line_ending][/unurl][!] [/!]Content-Disposition: attachment;=20 filename=3D"[theFileName]"[unurl][line_ending][line_ending][/unurl][!] [/!][/ReturnRaw] -Dan On Mon, 24 Aug 2009 18:54:45 -0600 John Butler wrote: > Hi all >=20 > I am now writing and installing (cookie/database-based) code to pass- p= rotect ("parent") pages=20 >such as this one: >=20 > #1) > http://www.notmyrealdomain.com/dir1/dir2/Introduction.html >=20 > ..so that a user cannot watch a shockwave movie unless he has a valid = user/pass in my webdna=20 >db. > (This parent page uses javascript to automatically start to play a sho= ckwave movie which is in=20 >that same directory) >=20 > i.e. this one: >=20 > #2) > http://www.notmyrealdomain.com/dir1/dir2/Introduction.swf >=20 > I am all set in every way, except that I do not know how to stop a use= r from simply entering=20 >the immediately-above path (#2) to the swf file directly, and so bypass= ing my user/pass=20 >protection code which is in the parent page (#1) (whose path I pasted w= ay above). >=20 > If I manage to get the shared-host server admin to put server-side (ap= ache? .htaccess?) "realm=20 >protection" on the whole folder then the user will never even be able t= o reach my parent page=20 >(#1). If I move the swf file to a new directory and manage to reconfig= ure the javascript to=20 >work to load it at the new location, then maybe it makes sense to use a= pache/htaccess realm=20 >protection for that NEW folder which contains ONLY the swf file.. but = then will the parent page=20 > still be able to load the swf file without the apache/htaccess user/ pa= ss? >=20 > Or do you have any suggestions how to solve this? >=20 > I realize this is bordering on OT, but I'd love to solve with pure web= dna if possible. >=20 > thanks for any feedback, > -Govinda > --------------------------------------------------------- > This message is sent to you because you are subscribed to > the mailing list . > To unsubscribe, E-mail to: > archives: http://mail.webdna.us/list/talk@webdna.us > old archives: http://dev.webdna.us/TalkListArchive/ > Bug Reporting: http://forum.webdna.us/eucabb.html?page=3Dtopics&categor= y=3D288 Associated Messages, from the most recent to the oldest:

    
  1. Re: [WebDNA] Can I do something with webdna to pass-protect an attempt to access a swf file directly? (Govinda 2009)
  2. Re: [WebDNA] Can I do something with webdna to pass-protect an ("Dan Strong" 2009)
  3. Re: [WebDNA] Can I do something with webdna to pass-protect an attempt to access a swf file directly? (Govinda 2009)
  4. Re: [WebDNA] Can I do something with webdna to pass-protect an ("Dan Strong" 2009)
  5. [WebDNA] Can I do something with webdna to pass-protect an attempt to access a swf file directly? (John Butler 2009)
Put the file(s) in globals and [include] them only upon successful login. A further protection (which I got from the archives) would be to serve th= em via [returnraw] --=20 half-ass tested by me, seems to work on Windows XP Home; no promises othe= rwise: [text]theFullPathtoFile=3D^path/to/your/file/in/globals/theFile.swf[/text= ] [text]theFileName=3DtheFile.swf[/text] [text]line_ending=3D%0D%0A[/text] [ReturnRaw binarybody=3D[theFullPathtoFile]][!] [/!]HTTP/1.0 200 OK[unurl][line_ending][/unurl][!] [/!]Status: 200[unurl][line_ending][/unurl][!] [/!]Content-Type: application/octet-stream[unurl][line_ending][/unurl][!] [/!]Content-Disposition: attachment;=20 filename=3D"[theFileName]"[unurl][line_ending][line_ending][/unurl][!] [/!][/ReturnRaw] -Dan On Mon, 24 Aug 2009 18:54:45 -0600 John Butler wrote: > Hi all >=20 > I am now writing and installing (cookie/database-based) code to pass- p= rotect ("parent") pages=20 >such as this one: >=20 > #1) > http://www.notmyrealdomain.com/dir1/dir2/Introduction.html >=20 > ..so that a user cannot watch a shockwave movie unless he has a valid = user/pass in my webdna=20 >db. > (This parent page uses javascript to automatically start to play a sho= ckwave movie which is in=20 >that same directory) >=20 > i.e. this one: >=20 > #2) > http://www.notmyrealdomain.com/dir1/dir2/Introduction.swf >=20 > I am all set in every way, except that I do not know how to stop a use= r from simply entering=20 >the immediately-above path (#2) to the swf file directly, and so bypass= ing my user/pass=20 >protection code which is in the parent page (#1) (whose path I pasted w= ay above). >=20 > If I manage to get the shared-host server admin to put server-side (ap= ache? .htaccess?) "realm=20 >protection" on the whole folder then the user will never even be able t= o reach my parent page=20 >(#1). If I move the swf file to a new directory and manage to reconfig= ure the javascript to=20 >work to load it at the new location, then maybe it makes sense to use a= pache/htaccess realm=20 >protection for that NEW folder which contains ONLY the swf file.. but = then will the parent page=20 > still be able to load the swf file without the apache/htaccess user/ pa= ss? >=20 > Or do you have any suggestions how to solve this? >=20 > I realize this is bordering on OT, but I'd love to solve with pure web= dna if possible. >=20 > thanks for any feedback, > -Govinda > --------------------------------------------------------- > This message is sent to you because you are subscribed to > the mailing list . > To unsubscribe, E-mail to: > archives: http://mail.webdna.us/list/talk@webdna.us > old archives: http://dev.webdna.us/TalkListArchive/ > Bug Reporting: http://forum.webdna.us/eucabb.html?page=3Dtopics&categor= y=3D288 "Dan Strong"

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

Limit on nested [ShowIf]'s? (1997) Passing along data (2000) WC2b15 - [HTMLx]...[/HTMLx] problems (1997) Follow-Up to: Removing [showif] makes a big difference in speed (1997) [append] (1997) Sorry I didn't pay attention-but ??? (1997) [WebDNA] Small Parsing Problem (2009) Almost a there but..bye bye NetCloak (1997) Requiring that certain fields be completed (1997) WebCatalog Programmer looking for a new job (2001) RE: Generating Pages (1999) Bug or syntax error on my part? (1997) allow or deny based on referer.... (1997) Variables for chat (1997) Updating a database once per day - An example (1998) Custom error files (1998) [WebDNA] Crashing (2008) WebCat name recognition (was MacFinder -- a new WebDNA web site) (1998) Great product and great job ! (1997) Unexpected error (1997)