Re: Protecting a folder
This WebDNA talk-list message is from 2000
It keeps the original formatting.
numero = 35718
interpreted = N
texte = I would be very surprised if resetting the header can do it. The only way (Iknow) to change user and password on the fly is to put them into the URL:http://myname:mypass@www.server.com/download/...But how to hide this? Frames won't fool an experienced user, neither arefresh. And you can't encrypt this part of the URL.Sorry, I have no other idea yet than the move/rename approach. If the filesare not really huge and you can't have a folder outside the root I would tryit: for testing name the files like filename.db which prevents delivery byyour Webstar.The following assumes you have a folder /download/ which holds youroriginal .sit files but all with the suffix .db1 - Deliver a faked listing:[listfiles /download/][getchars start=3&from=end][filename].sit[/getchars]
[/listfiles](so the user will never see a .db extension)Yes, the download must point to a template, not to a file.2 - User clicks on a link.3 - Create a temporary folder [SessionID]4 - Move /download/filename.db to /[SessionID]/filename.temp5 - WaitForFile /[SessionID]/filename.temp6 - Rename it to /[SessionID]/filename.sit7 - Redirect to this file, this starts the downloadLater you will find a chance to remove the SessionID from the user anddelete filename.sit plus the temporary folder.We are on Linux now with most servers and I'm not sure if copying largefiles is a good idea on newer Mac's. And you might not need the abovetemp-sit-renaming on Mac after the copy. On Linux I do, because the fileemerges immediately and [waitforfile] sees it to early.Hope, this is worth a try :)Peter---> From: Stuart Tremain
> Reply-To: (WebCatalog Talk)> Date: 04 Aug 2000 10:27:33> To: (WebCatalog Talk)> Subject: Re: Protecting a folder> > I'm using [ListFiles] to display what is available.> > The files are accessible from a protected template. I basically don't want> people to access them without going through the template as it logs their> access etc etc and the visitor would be able to access the folder directly if> I can't protect it.> > Are the ID & pasword passed by the browser in the header, could I reset the> header to include a generic password to get them into the realm from the> template? Would this be secure enough?-------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://search.smithmicro.com/
Associated Messages, from the most recent to the oldest:
I would be very surprised if resetting the header can do it. The only way (Iknow) to change user and password on the fly is to put them into the URL:http://myname:mypass@www.server.com/download/...But how to hide this? Frames won't fool an experienced user, neither arefresh. And you can't encrypt this part of the URL.Sorry, I have no other idea yet than the move/rename approach. If the filesare not really huge and you can't have a folder outside the root I would tryit: for testing name the files like filename.db which prevents delivery byyour Webstar.The following assumes you have a folder /download/ which holds youroriginal .sit files but all with the suffix .db1 - Deliver a faked listing:[listfiles /download/][getchars start=3&from=end][filename].sit[/getchars]
[/listfiles](so the user will never see a .db extension)Yes, the download must point to a template, not to a file.2 - User clicks on a link.3 - Create a temporary folder [SessionID]4 - Move /download/filename.db to /[SessionID]/filename.temp5 - WaitForFile /[SessionID]/filename.temp6 - Rename it to /[SessionID]/filename.sit7 - Redirect to this file, this starts the downloadLater you will find a chance to remove the SessionID from the user anddelete filename.sit plus the temporary folder.We are on Linux now with most servers and I'm not sure if copying largefiles is a good idea on newer Mac's. And you might not need the abovetemp-sit-renaming on Mac after the copy. On Linux I do, because the fileemerges immediately and [waitforfile] sees it to early.Hope, this is worth a try :)Peter---> From: Stuart Tremain > Reply-To: (WebCatalog Talk)> Date: 04 Aug 2000 10:27:33> To: (WebCatalog Talk)> Subject: Re: Protecting a folder> > I'm using [listfiles] to display what is available.> > The files are accessible from a protected template. I basically don't want> people to access them without going through the template as it logs their> access etc etc and the visitor would be able to access the folder directly if> I can't protect it.> > Are the ID & pasword passed by the browser in the header, could I reset the> header to include a generic password to get them into the realm from the> template? Would this be secure enough?-------------------------------------------------------------This message is sent to you because you are subscribed to the mailing list .To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://search.smithmicro.com/
Peter Ostry
DOWNLOAD WEBDNA NOW!
Top Articles:
Talk List
The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...
Related Readings:
WebCat2 - [include] tags (1997)
[WebDNA] =?windows-1252?Q?Re=3A_=5BWebDNA=5D_WebDNA_v7_questions_=85=2E?= (2011)
Associative lookup style? (1997)
Grep help needed (2004)
Inventory Control (2000)
Size Limitation through a POST via SSL? (2005)
Capitalize (2003)
suffix mapping, use of cache, etc. (1997)
Mac 2.1b2 speed (1997)
WebCatalog NT beta 18 problem (1997)
RE: Formulas.db + Users.db (1997)
I have observed and I am gone. (1998)
[OT] - See my site? (2004)
Requiring that certain fields be completed (1997)
Closing Databases (1998)
Shopping Cart variation... (1997)
[WebDNA] possible bug? (db field named [width]) (2012)
b12 cannot limit records returned and more. (1997)
A dynamic database. (1997)
[WebDNA] How can I uninstall WebDNA on OS X =?UTF-8?Q?Sierra=3F?= (2017)