What is WebDNA

WebDNA is a scripting and database system designed to easily build web applications.

WebDNA and BioType

BioType service is a biometric keystroke dynamic system. It will be part of WebDNA 8.5

Download WebDNA

Download WebDNA freeware, try it and register later if you want.

WebDNA resources

The list of all WebDNA instructions.
WebDNA
Software Corporation
Search WebDNA Site
 Menu


HOME


DOWNLOADS


LEARN


EDUCATION


NEWS


COMMUNITY


STORE


SUPPORT


CONTACT

Re: Protecting a folder

This WebDNA talk-list message is from

2000


It keeps the original formatting.
numero = 35718
interpreted = N
texte = I would be very surprised if resetting the header can do it. The only way (I know) to change user and password on the fly is to put them into the URL: http://myname:mypass@www.server.com/download/... But how to hide this? Frames won't fool an experienced user, neither a refresh. And you can't encrypt this part of the URL.Sorry, I have no other idea yet than the move/rename approach. If the files are not really huge and you can't have a folder outside the root I would try it: for testing name the files like filename.db which prevents delivery by your Webstar.The following assumes you have a folder /download/ which holds your original .sit files but all with the suffix .db1 - Deliver a faked listing: [listfiles /download/] [getchars start=3&from=end][filename].sit[/getchars]
[/listfiles] (so the user will never see a .db extension) Yes, the download must point to a template, not to a file. 2 - User clicks on a link. 3 - Create a temporary folder [SessionID] 4 - Move /download/filename.db to /[SessionID]/filename.temp 5 - WaitForFile /[SessionID]/filename.temp 6 - Rename it to /[SessionID]/filename.sit 7 - Redirect to this file, this starts the downloadLater you will find a chance to remove the SessionID from the user and delete filename.sit plus the temporary folder.We are on Linux now with most servers and I'm not sure if copying large files is a good idea on newer Mac's. And you might not need the above temp-sit-renaming on Mac after the copy. On Linux I do, because the file emerges immediately and [waitforfile] sees it to early.Hope, this is worth a try :) Peter---> From: Stuart Tremain > Reply-To: (WebCatalog Talk) > Date: 04 Aug 2000 10:27:33 > To: (WebCatalog Talk) > Subject: Re: Protecting a folder > > I'm using [ListFiles] to display what is available. > > The files are accessible from a protected template. I basically don't want > people to access them without going through the template as it logs their > access etc etc and the visitor would be able to access the folder directly if > I can't protect it. > > Are the ID & pasword passed by the browser in the header, could I reset the > header to include a generic password to get them into the realm from the > template? Would this be secure enough? ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://search.smithmicro.com/ Associated Messages, from the most recent to the oldest:

    
  1. [OT] Password protecting a folder in iTools (WJ Starck 2003)
  2. Re: Protecting a folder (Michael Davis 2000)
  3. Re: Protecting a folder (Stuart Tremain 2000)
  4. Re: Protecting a folder (Peter Ostry 2000)
  5. Re: Protecting a folder (Stuart Tremain 2000)
  6. Re: Protecting a folder (Peter Ostry 2000)
  7. Re: Protecting a folder (Stuart Tremain 2000)
  8. Re: Protecting a folder (Peter Ostry 2000)
  9. Re: Protecting a folder (Stuart Tremain 2000)
  10. Re: Protecting a folder (Peter Ostry 2000)
  11. Protecting a folder (Stuart Tremain 2000)
I would be very surprised if resetting the header can do it. The only way (I know) to change user and password on the fly is to put them into the URL: http://myname:mypass@www.server.com/download/... But how to hide this? Frames won't fool an experienced user, neither a refresh. And you can't encrypt this part of the URL.Sorry, I have no other idea yet than the move/rename approach. If the files are not really huge and you can't have a folder outside the root I would try it: for testing name the files like filename.db which prevents delivery by your Webstar.The following assumes you have a folder /download/ which holds your original .sit files but all with the suffix .db1 - Deliver a faked listing: [listfiles /download/] [getchars start=3&from=end][filename].sit[/getchars]
[/listfiles] (so the user will never see a .db extension) Yes, the download must point to a template, not to a file. 2 - User clicks on a link. 3 - Create a temporary folder [SessionID] 4 - Move /download/filename.db to /[SessionID]/filename.temp 5 - WaitForFile /[SessionID]/filename.temp 6 - Rename it to /[SessionID]/filename.sit 7 - Redirect to this file, this starts the downloadLater you will find a chance to remove the SessionID from the user and delete filename.sit plus the temporary folder.We are on Linux now with most servers and I'm not sure if copying large files is a good idea on newer Mac's. And you might not need the above temp-sit-renaming on Mac after the copy. On Linux I do, because the file emerges immediately and [waitforfile] sees it to early.Hope, this is worth a try :) Peter---> From: Stuart Tremain > Reply-To: (WebCatalog Talk) > Date: 04 Aug 2000 10:27:33 > To: (WebCatalog Talk) > Subject: Re: Protecting a folder > > I'm using [listfiles] to display what is available. > > The files are accessible from a protected template. I basically don't want > people to access them without going through the template as it logs their > access etc etc and the visitor would be able to access the folder directly if > I can't protect it. > > Are the ID & pasword passed by the browser in the header, could I reset the > header to include a generic password to get them into the realm from the > template? Would this be secure enough? ------------------------------------------------------------- This message is sent to you because you are subscribed to the mailing list . To unsubscribe, E-mail to: To switch to the DIGEST mode, E-mail to Web Archive of this list is at: http://search.smithmicro.com/ Peter Ostry

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

WebDNA and SQL (2003) [showif] not working (2003) Pithy questions on webcommerce & siteedit (1997) WC2f3 (1997) [input] questions (1997) DB permission issues (2004) ShowNext (1997) Add a field to the error log? (1997) [searchString] (1997) auction system w/ Web Cat (1999) ListFields and [name] (1997) Text limits in NT version? (1997) Shopping Cart Problem (1998) Trouble with formula.db + more explanation (1997) Emailer setup (1997) Search Order? (2000) WCS Newbie question (1997) Re(2):Foreign Chars ( ����and so on) (1998) TaxTotal Problem (1997) login via cookies (2006)