Re: [WebDNA] Can I do something with webdna to pass-protect an
This WebDNA talk-list message is from 2009
It keeps the original formatting.
numero = 103453
interpreted = N
texte = I was very tired when I wrote that last night.. what I meant was to house= the 'protected' files in=20globals, that's all... I realized what I had typed after I laid down to g=o to sleep. Disregard the=20first part. The second part [returnraw] seems to work from my limited tes=ting. -DanOn Tue, 25 Aug 2009 15:44:50 -0600 Govinda
wrote:> Dan, thanks for your reply,...>=20>> Put the file(s) in globals and [include] them only upon successful =20>> login.>=20> What do you mean ^^^ here? It seems obvious to me, but since I am jus=t doing this for the=20>first time, I have to ask, surely you don't mean to just literally stic=k this on the=20>pass-protected page:> [include file=3D^dir1/dir2/Introduction.swf]>=20> webdna would think I was trying to include literal text, or at best we=bdna, not a SWF file.=20> (?!)>=20> I am about to see if I can make work your latter suggestion.. I just w=anted to see what you=20>were saying by the above.>=20> -G>=20>>>> A further protection (which I got from the archives) would be to =20>> serve them via [returnraw] -- half-ass tested by me, seems to work =20>> on Windows XP Home; no promises otherwise:>>>> [text]theFullPathtoFile=3D^path/to/your/file/in/globals/theFile.swf[/=20>> text]>> [text]theFileName=3DtheFile.swf[/text]>> [text]line_ending=3D%0D%0A[/text]>>>> [ReturnRaw binarybody=3D[theFullPathtoFile]][!]>> [/!]HTTP/1.0 200 OK[unurl][line_ending][/unurl][!]>> [/!]Status: 200[unurl][line_ending][/unurl][!]>> [/!]Content-Type: application/octet-stream[unurl][line_ending][/=20>> unurl][!]>> [/!]Content-Disposition: attachment; filename=3D"[theFileName]"[unurl]==20>> [line_ending][line_ending][/unurl][!]>> [/!][/ReturnRaw]>>>> -Dan>>>>>> On Mon, 24 Aug 2009 18:54:45 -0600>> John Butler wrote:>>> Hi all>>> I am now writing and installing (cookie/database-based) code to =20>>> pass- protect ("parent") pages such as this one:>>> #1)>>> http://www.notmyrealdomain.com/dir1/dir2/Introduction.html>>> ..so that a user cannot watch a shockwave movie unless he has a =20>>> valid user/pass in my webdna db.>>> (This parent page uses javascript to automatically start to play a =20>>> shockwave movie which is in that same directory)>>> i.e. this one:>>> #2)>>> http://www.notmyrealdomain.com/dir1/dir2/Introduction.swf>>> I am all set in every way, except that I do not know how to stop a =20>>> user from simply entering the immediately-above path (#2) to the =20>>> swf file directly, and so bypassing my user/pass protection code =20>>> which is in the parent page (#1) (whose path I pasted way above).>>> If I manage to get the shared-host server admin to put server-side =20>>> (apache? .htaccess?) "realm protection" on the whole folder then =20>>> the user will never even be able to reach my parent page (#1). If =20>>> I move the swf file to a new directory and manage to reconfigure =20>>> the javascript to work to load it at the new location, then maybe =20>>> it makes sense to use apache/htaccess realm protection for that =20>>> NEW folder which contains ONLY the swf file.. but then will the =20>>> parent page still be able to load the swf file without the apache/=20>>> htaccess user/ pass?>>> Or do you have any suggestions how to solve this?>>> I realize this is bordering on OT, but I'd love to solve with pure =20>>> webdna if possible.>>> thanks for any feedback,>>> -Govinda> ---------------------------------------------------------> This message is sent to you because you are subscribed to> the mailing list .> To unsubscribe, E-mail to: > archives: http://mail.webdna.us/list/talk@webdna.us> old archives: http://dev.webdna.us/TalkListArchive/> Bug Reporting: http://forum.webdna.us/eucabb.html?page=3Dtopics&categor=y=3D288
Associated Messages, from the most recent to the oldest:
I was very tired when I wrote that last night.. what I meant was to house= the 'protected' files in=20globals, that's all... I realized what I had typed after I laid down to g=o to sleep. Disregard the=20first part. The second part [returnraw] seems to work from my limited tes=ting. -DanOn Tue, 25 Aug 2009 15:44:50 -0600 Govinda wrote:> Dan, thanks for your reply,...>=20>> Put the file(s) in globals and [include] them only upon successful =20>> login.>=20> What do you mean ^^^ here? It seems obvious to me, but since I am jus=t doing this for the=20>first time, I have to ask, surely you don't mean to just literally stic=k this on the=20>pass-protected page:> [include file=3D^dir1/dir2/Introduction.swf]>=20> webdna would think I was trying to include literal text, or at best we=bdna, not a SWF file.=20> (?!)>=20> I am about to see if I can make work your latter suggestion.. I just w=anted to see what you=20>were saying by the above.>=20> -G>=20>>>> A further protection (which I got from the archives) would be to =20>> serve them via [returnraw] -- half-ass tested by me, seems to work =20>> on Windows XP Home; no promises otherwise:>>>> [text]theFullPathtoFile=3D^path/to/your/file/in/globals/theFile.swf[/=20>> text]>> [text]theFileName=3DtheFile.swf[/text]>> [text]line_ending=3D%0D%0A[/text]>>>> [ReturnRaw binarybody=3D[theFullPathtoFile]][!]>> [/!]HTTP/1.0 200 OK[unurl][line_ending][/unurl][!]>> [/!]Status: 200[unurl][line_ending][/unurl][!]>> [/!]Content-Type: application/octet-stream[unurl][line_ending][/=20>> unurl][!]>> [/!]Content-Disposition: attachment; filename=3D"[theFileName]"[unurl]==20>> [line_ending][line_ending][/unurl][!]>> [/!][/ReturnRaw]>>>> -Dan>>>>>> On Mon, 24 Aug 2009 18:54:45 -0600>> John Butler wrote:>>> Hi all>>> I am now writing and installing (cookie/database-based) code to =20>>> pass- protect ("parent") pages such as this one:>>> #1)>>> http://www.notmyrealdomain.com/dir1/dir2/Introduction.html>>> ..so that a user cannot watch a shockwave movie unless he has a =20>>> valid user/pass in my webdna db.>>> (This parent page uses javascript to automatically start to play a =20>>> shockwave movie which is in that same directory)>>> i.e. this one:>>> #2)>>> http://www.notmyrealdomain.com/dir1/dir2/Introduction.swf>>> I am all set in every way, except that I do not know how to stop a =20>>> user from simply entering the immediately-above path (#2) to the =20>>> swf file directly, and so bypassing my user/pass protection code =20>>> which is in the parent page (#1) (whose path I pasted way above).>>> If I manage to get the shared-host server admin to put server-side =20>>> (apache? .htaccess?) "realm protection" on the whole folder then =20>>> the user will never even be able to reach my parent page (#1). If =20>>> I move the swf file to a new directory and manage to reconfigure =20>>> the javascript to work to load it at the new location, then maybe =20>>> it makes sense to use apache/htaccess realm protection for that =20>>> NEW folder which contains ONLY the swf file.. but then will the =20>>> parent page still be able to load the swf file without the apache/=20>>> htaccess user/ pass?>>> Or do you have any suggestions how to solve this?>>> I realize this is bordering on OT, but I'd love to solve with pure =20>>> webdna if possible.>>> thanks for any feedback,>>> -Govinda> ---------------------------------------------------------> This message is sent to you because you are subscribed to> the mailing list .> To unsubscribe, E-mail to: > archives: http://mail.webdna.us/list/talk@webdna.us> old archives: http://dev.webdna.us/TalkListArchive/> Bug Reporting: http://forum.webdna.us/eucabb.html?page=3Dtopics&categor=y=3D288
"Dan Strong"
DOWNLOAD WEBDNA NOW!
Top Articles:
Talk List
The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...
Related Readings:
Logging purchases (1997)
fixed date problem (1997)
send mail problem? (1997)
Quiestion (1997)
Help with database strategy (1998)
FW: ANother SHOWIF problem (1997)
Quitting WebMerchant ? (1997)
Here's an example of an applet in a tpl (1997)
Unique SKU Numbers (2000)
OT - Homesite Tags (2004)
[WebDNA] WebDNA 6.2 and Mac OS X 10.5 Client / Server ? (2009)
WC 2.0 frames feature (1997)
2.0 Info (1997)
Running _every_ page through WebCat ? (1997)
Windows Install issue (2003)
San Diego WebCat/Network Position (2000)
Problem (1997)
Using Plug-In while running 1.6.1 (1997)
Secured Order Forms (1998)
hidden databases (2000)