subject:"Protecting Content"

Re: Protecting Content

2002-01-31 Thread Dave Hannum


OK.  I'm getting the .swf file via CFHTTP.  No problem.  I see it on the
server and if I click on it, it fires up my flash player.  However, when 
I
try to deliver it to the page via cfcontent, I get garbled output instead
 of
starting up the flash player.  Any clues?  Below is how I called it.

http://someserver.ohio.edu/news.swf";
  METHOD="GET"
  PATH="c:\inetpub\wwwroot\newssvc\options"
  FILE="news.swf" RESOLVEURL="false">



Dave


- Original Message -
From: "Dave Watts" <[EMAIL PROTECTED]>
To: "CF-Talk" <[EMAIL PROTECTED]>
Sent: Wednesday, January 30, 2002 3:31 PM
Subject: RE: Protecting Content


> > CFHttp doesn't like anything other than ASCII content.
> > Perhaps you can do a raw grab (probably require a COM
> > object or CFX - there's bound to be something on the
> > tag gallery) as opposed to  - then I think it'd
> > be easy to use CFContent to deliver the goods.
>
> I think you can use CFHTTP to retrieve any sort of file you like; you'l
l
> have to use the PATH and maybe the FILE attribute to save it to the
> filesystem, though, rather than referencing CFHTTP.FileContent.
>
> Dave Watts, CTO, Fig Leaf Software
> http://www.figleaf.com/
> voice: (202) 797-5496
> fax: (202) 797-5444
> 
__
Get Your Own Dedicated Windows 2000 Server
  PIII 800 / 256 MB RAM / 40 GB HD / 20 GB MO/XFER
  Instant Activation · $99/Month · Free Setup
  http://www.pennyhost.com/redirect.cfm?adcode=coldfusionb
FAQ: http://www.thenetprofits.co.uk/coldfusion/faq
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

Re: Protecting Content

2002-01-30 Thread Billy Cravens


duh - I was merely thinking of output.  I'll go sit in the stupid corner
now.

- Original Message -
From: "Dave Watts" <[EMAIL PROTECTED]>
To: "CF-Talk" <[EMAIL PROTECTED]>
Sent: Wednesday, January 30, 2002 2:31 PM
Subject: RE: Protecting Content


> > CFHttp doesn't like anything other than ASCII content.
> > Perhaps you can do a raw grab (probably require a COM
> > object or CFX - there's bound to be something on the
> > tag gallery) as opposed to  - then I think it'd
> > be easy to use CFContent to deliver the goods.
>
> I think you can use CFHTTP to retrieve any sort of file you like; you'll
> have to use the PATH and maybe the FILE attribute to save it to the
> filesystem, though, rather than referencing CFHTTP.FileContent.
>
> Dave Watts, CTO, Fig Leaf Software
> http://www.figleaf.com/
> voice: (202) 797-5496
> fax: (202) 797-5444
> 
__
Why Share?
  Dedicated Win 2000 Server · PIII 800 / 256 MB RAM / 40 GB HD / 20 GB MO/XFER
  Instant Activation · $99/Month · Free Setup
  http://www.pennyhost.com/redirect.cfm?adcode=coldfusionc
FAQ: http://www.thenetprofits.co.uk/coldfusion/faq
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

RE: Protecting Content

2002-01-30 Thread Tony Schreiber


Correct. I use CFHTTP to grab (and save) image files all the time...

> I think you can use CFHTTP to retrieve any sort of file you like; you'll
> have to use the PATH and maybe the FILE attribute to save it to the
> filesystem, though, rather than referencing CFHTTP.FileContent.
>
> Dave Watts, CTO, Fig Leaf Software
> http://www.figleaf.com/
> voice: (202) 797-5496
> fax: (202) 797-5444
> 
__
Why Share?
  Dedicated Win 2000 Server · PIII 800 / 256 MB RAM / 40 GB HD / 20 GB MO/XFER
  Instant Activation · $99/Month · Free Setup
  http://www.pennyhost.com/redirect.cfm?adcode=coldfusionc
FAQ: http://www.thenetprofits.co.uk/coldfusion/faq
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

RE: Protecting Content

2002-01-30 Thread Dave Watts


> CFHttp doesn't like anything other than ASCII content.  
> Perhaps you can do a raw grab (probably require a COM 
> object or CFX - there's bound to be something on the 
> tag gallery) as opposed to  - then I think it'd 
> be easy to use CFContent to deliver the goods.

I think you can use CFHTTP to retrieve any sort of file you like; you'll
have to use the PATH and maybe the FILE attribute to save it to the
filesystem, though, rather than referencing CFHTTP.FileContent.

Dave Watts, CTO, Fig Leaf Software
http://www.figleaf.com/
voice: (202) 797-5496
fax: (202) 797-5444
__
Why Share?
  Dedicated Win 2000 Server · PIII 800 / 256 MB RAM / 40 GB HD / 20 GB MO/XFER
  Instant Activation · $99/Month · Free Setup
  http://www.pennyhost.com/redirect.cfm?adcode=coldfusionc
FAQ: http://www.thenetprofits.co.uk/coldfusion/faq
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

Re: Protecting Content

2002-01-30 Thread Billy Cravens


CFHttp doesn't like anything other than ASCII content.  Perhaps you can do a
raw grab (probably require a COM object or CFX - there's bound to be
something on the tag gallery) as opposed to  - then I think it'd be
easy to use CFContent to deliver the goods.

- Original Message -
From: "Dave Hannum" <[EMAIL PROTECTED]>
To: "CF-Talk" <[EMAIL PROTECTED]>
Sent: Wednesday, January 30, 2002 2:06 PM
Subject: Protecting Content


> Hello,
>
> We want to put a flash application on one server to deliver news items in
a
> flash environment.  I want to be able to grab that from an application on
> another server, but I don't want to divulge to the end user the source of
> the .swf file.  So, I'd want to do something like grab the .swf via cfhttp
> and deliver it via cfcontent or something like that.  Any suggestions.  My
> efforts have failed so far.
>
> Dave
>
>
> ===
> David R Hannum
> Ohio University
> Web Analyst/Programmer
> (740) 597-2524
> [EMAIL PROTECTED]
>
>
> "If your wife is having fun and you're not,
> you're still having a lot more fun than if you're
> having fun and she's not!'  - Red Green
>
> 
__
Get Your Own Dedicated Windows 2000 Server
  PIII 800 / 256 MB RAM / 40 GB HD / 20 GB MO/XFER
  Instant Activation · $99/Month · Free Setup
  http://www.pennyhost.com/redirect.cfm?adcode=coldfusionb
FAQ: http://www.thenetprofits.co.uk/coldfusion/faq
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

Protecting Content

2002-01-30 Thread Dave Hannum


Hello,

We want to put a flash application on one server to deliver news items in a
flash environment.  I want to be able to grab that from an application on
another server, but I don't want to divulge to the end user the source of
the .swf file.  So, I'd want to do something like grab the .swf via cfhttp
and deliver it via cfcontent or something like that.  Any suggestions.  My
efforts have failed so far.

Dave


===
David R Hannum
Ohio University
Web Analyst/Programmer
(740) 597-2524
[EMAIL PROTECTED]


"If your wife is having fun and you're not,
you're still having a lot more fun than if you're
having fun and she's not!'  - Red Green

__
Dedicated Windows 2000 Server
  PIII 800 / 256 MB RAM / 40 GB HD / 20 GB MO/XFER
  Instant Activation · $99/Month · Free Setup
  http://www.pennyhost.com/redirect.cfm?adcode=coldfusiona
FAQ: http://www.thenetprofits.co.uk/coldfusion/faq
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

RE: Protecting Content ... A nice solution

2000-10-04 Thread Nadir Ait-Laoussine


To all who have participated on this discussion Thank you very much.  With
all the feedback I received from here, we were able to come up with a cross
browser solution which worked quite well.  The challenge was to embed the
output of the  CFcontent tag with the rest of the page.  This of course is
not doable, as CFcontent explodes to the full extent of the window.

Using Frames and Layers and the cf_aebrowser custom tag we were able to
create a secure and simple solution.
Secure: because it is a cfm document and it validates user authentication
while never displaying the file name or the location
simple, only cfcontent and some browser check code.  Much more simple to
implement than a $40,000 server to protect content (company name will be
witheld :))

If you are interested in seeing it in action, go to:
http://www.edificium.com/imagetest/getstuff.cfm

This doesn't take into account our security framework, but it shows how it
works.

Again, thanks a lot to all who have helped out on this matter.

Nadir Ait-Laoussine
PS: I would be glad to make the code available to anyone who would like it.

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Monday, October 02, 2000 1:02 PM
To: CF-Talk
Subject: RE: Protecting Content / content leeching... A CF method?



As anyone who's ever worked with HTTP at the protocol level (or with CFHTTP)
can tell you, the way it works is you fetch the html (or cfm) document in
question, then parse through it looking for all the img url, then fetch them
BASED ON THIER URL.

Thus it's impossible to protect them. You can use cfcontent with a cfm to
obsure their actual physical location. But whether the image is at
"images\bob.gif" or "images.cfm?image=bob.gif" they still retrieve the
content for display (or to save).

You could do additional cgi user agent and refer(r)er checking to stop
casual direct grabs from the browser command line, but it won't stop
anything else.

Since it's a relative url based the wwwroot of the domain I'm not sure why
it would matter anyway unless the images are to be password protected..

--min

> The issue is not to make a document not available to someone who
> can see it
> but to someone who cannot see it...
>
> Case in point...  the  tag will let you know that a file is
> located at /a/b/file.jpg
> so you could go to the location bar and look for that image.  You
> could get
> tricky and try to view other files located at that location...
> /a/b/anotherfile.jpg.  For us, that is a problem.  The img tag reveals a
> little too much information.
>
> So the concern is not so much the document itself, but rather the
> ability to
> figure out where it is located.  It's been recommended to me to use CF
> mappings to substitue for that, problem is that CF mappings, as far as I
> know, do not work with the IMG tag, let alone the EMBED tag.
>
> So I am left with the CFCONTENT tag, problem with the content tag
> is that it
> takes over the entire screen.  I've tried to embed it in a layer
> or IFRAME,
> but it still takes over the whole window.
>
> There are a few PERL scripts out there that "mask" the path to
> the file.  So
> by typing www.mydomain.com/getstuff.cgi?image.jpg, the script
> would display
> the image but masking it's location (which in reality is not a
> web location,
> but a physical location on the web server [c:\...]) This works well except
> that all the scripts that I have tried choke (by that I mean render only
> part of) the file.  regardless of the MIME type.  I think the problem is
> that those scripts were written on UNIX, and we are on WIN2K.
>
> So that is where we are.
>
> Note that the last option (the PERL option) is still not exactly
> what we are
> looking for because of
> 1. security problems with CGI scripts in general
> 2. it does not work with the IMG tag.
>
> Nadir


--
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or
send a message to [EMAIL PROTECTED] with 'unsubscribe' in
the body.
--
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
To Unsubscribe visit 
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a 
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.

RE: Protecting Content / content leeching... A CF method?

2000-10-02 Thread Larry W. Virden


Re: knowing the path to a image tells the user too much...

Then don't give them a path to your images.  Instead, give them a 
path to some sort of cgi, with arguments which, which processed 
along with a page name or some other argument, lead one to only 
one image.  That way, guessing other image names fails.  Think of 
it as a 2 argument hash - the first argument is the page name and 
the second is some kind of unique image identifier not trivially 
guessed.  

Basically, it works the same way things would look if you were 
storing your images in a database and then using ColdFusion to do 
a SQL search for the page text and the images associated with the 
pages, then sending all of these to the user without storing them 
in a directory on your site...

-- 
Larry W. Virden mailto:[EMAIL PROTECTED]> 
http://www.purl.org/net/lvirden/>
Even if explicitly stated to the contrary, nothing in this 
posting
should be construed as representing my employer's opinions.


--
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
To Unsubscribe visit 
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a 
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.

RE: Protecting Content / content leeching... A CF method?

2000-10-02 Thread lsellers



As anyone who's ever worked with HTTP at the protocol level (or with CFHTTP)
can tell you, the way it works is you fetch the html (or cfm) document in
question, then parse through it looking for all the img url, then fetch them
BASED ON THIER URL.

Thus it's impossible to protect them. You can use cfcontent with a cfm to
obsure their actual physical location. But whether the image is at
"images\bob.gif" or "images.cfm?image=bob.gif" they still retrieve the
content for display (or to save).

You could do additional cgi user agent and refer(r)er checking to stop
casual direct grabs from the browser command line, but it won't stop
anything else.

Since it's a relative url based the wwwroot of the domain I'm not sure why
it would matter anyway unless the images are to be password protected..

--min

> The issue is not to make a document not available to someone who
> can see it
> but to someone who cannot see it...
>
> Case in point...  the  tag will let you know that a file is
> located at /a/b/file.jpg
> so you could go to the location bar and look for that image.  You
> could get
> tricky and try to view other files located at that location...
> /a/b/anotherfile.jpg.  For us, that is a problem.  The img tag reveals a
> little too much information.
>
> So the concern is not so much the document itself, but rather the
> ability to
> figure out where it is located.  It's been recommended to me to use CF
> mappings to substitue for that, problem is that CF mappings, as far as I
> know, do not work with the IMG tag, let alone the EMBED tag.
>
> So I am left with the CFCONTENT tag, problem with the content tag
> is that it
> takes over the entire screen.  I've tried to embed it in a layer
> or IFRAME,
> but it still takes over the whole window.
>
> There are a few PERL scripts out there that "mask" the path to
> the file.  So
> by typing www.mydomain.com/getstuff.cgi?image.jpg, the script
> would display
> the image but masking it's location (which in reality is not a
> web location,
> but a physical location on the web server [c:\...]) This works well except
> that all the scripts that I have tried choke (by that I mean render only
> part of) the file.  regardless of the MIME type.  I think the problem is
> that those scripts were written on UNIX, and we are on WIN2K.
>
> So that is where we are.
>
> Note that the last option (the PERL option) is still not exactly
> what we are
> looking for because of
> 1. security problems with CGI scripts in general
> 2. it does not work with the IMG tag.
>
> Nadir

--
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
To Unsubscribe visit 
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a 
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.

Re: Protecting Content / content leeching... A CF method?

2000-10-02 Thread James Smith


I would imagine there is some slowdown as the server is doing more work than
it would otherwise do.  However I just created a test page with 5 unique
images on it all called in this way, and it was processed in 0ms, so the
processor hit can't be huge.

--
James Smith
[EMAIL PROTECTED]

- Original Message -
From: "Jake Hileman" <[EMAIL PROTECTED]>
To: "CF-Talk" <[EMAIL PROTECTED]>
Sent: Sunday, October 01, 2000 4:35 PM
Subject: Re: Protecting Content / content leeching... A CF method?


> Does doing this part of what you said:
> ">  >
>
src="picture.cfm?picture=#URLEncodedFormat(encrypt('C:\WINNT\Help\iis\htm\tu
> > torial\rock.jpg', mykey))#">"
>
> slow down things considerably?  Using the encrypt and then using the
decrypt
> later.
>
> Thanks,
>
> Jake
>
> =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
> DivineWEB - Web Hosting
> Cold Fusion / ASP / mySQL
> Http://www.divineweb.com
> Design: http://www.18go.com
>
> - Original Message -
> From: "James Smith" <[EMAIL PROTECTED]>
> To: "CF-Talk" <[EMAIL PROTECTED]>
> Sent: Sunday, October 01, 2000 9:23 AM
> Subject: Re: Protecting Content / content leeching... A CF method?
>
>
> > To expand on this a little further, you could use the following code...
> >
> > index.cfm
> > 
> >  > file="c:\key.txt"
> > variable="mykey">
> >  >
>
src="picture.cfm?picture=#URLEncodedFormat(encrypt('C:\WINNT\Help\iis\htm\tu
> > torial\rock.jpg', mykey))#">
> >
> > picture.cfm
> > 
> >  > file="c:\key.txt"
> > variable="mykey">
> > 
> >  > de('image/jpeg'))>
> > 
> >
> > key.txt
> > 
> > anythingyoulikeasanencryptionkey
> >
> > As you can see in this example the encryption key is stored in a file
> called
> > key.txt but could just as easily come from a database, either way you
can
> > change it with ease.  You could even set up a scheduled task to
randomise
> > the key on an hourly basis if you wanted (depending on just how secure
you
> > want it).
> >
> > The file name is also URLEncoded to avoid html characters from messing
up
> > the string.
> >
> > If you are running NT4 you probably have the image I used as an example
on
> > your system, and it is not in the web servers path anywhere, yet will
> > display correctly.  You will also be able to see (by viewing source)
that
> > the chance of anyone guessing a correct sequence is remote at best.
Using
> > "anythingyoulikeasanencryptionkey" as the key the img tag becomes...
> >
> >  >
>
src="picture.cfm?picture=G6%205OOB%29RHZN%5B5%3FOPH%5E%5C%26E%5BF%2AITD1P%2D
> > N2BZ%29%257A%2A%23N%28WP%3D8%3EW6%3AF%3B%0A">
> >
> > and if that isn't secure enough for you, then nothing is!
> >
> > The supplied code will work fine for .gif, .jpg and .jpeg images, but
you
> > will have to modify it slightly if you use png or other formats.
> >
> > Have fun.
> >
> > --
> > James Smith
> > [EMAIL PROTECTED]
> >
> >
>
> --
> 
> > Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
> > To Unsubscribe visit
> http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or
> send a message to [EMAIL PROTECTED] with 'unsubscribe' in
> the body.
> >
>
> --

> Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
> To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or
send a message to [EMAIL PROTECTED] with 'unsubscribe' in
the body.

--
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
To Unsubscribe visit 
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a 
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.

Re: Protecting Content / content leeching... A CF method?

2000-10-01 Thread Jake Hileman


Does doing this part of what you said:
"> 
src="picture.cfm?picture=#URLEncodedFormat(encrypt('C:\WINNT\Help\iis\htm\tu
> torial\rock.jpg', mykey))#">"

slow down things considerably?  Using the encrypt and then using the decrypt
later.

Thanks,

Jake

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
DivineWEB - Web Hosting
Cold Fusion / ASP / mySQL
Http://www.divineweb.com
Design: http://www.18go.com

- Original Message -
From: "James Smith" <[EMAIL PROTECTED]>
To: "CF-Talk" <[EMAIL PROTECTED]>
Sent: Sunday, October 01, 2000 9:23 AM
Subject: Re: Protecting Content / content leeching... A CF method?


> To expand on this a little further, you could use the following code...
>
> index.cfm
> 
>  file="c:\key.txt"
> variable="mykey">
> 
src="picture.cfm?picture=#URLEncodedFormat(encrypt('C:\WINNT\Help\iis\htm\tu
> torial\rock.jpg', mykey))#">
>
> picture.cfm
> 
>  file="c:\key.txt"
> variable="mykey">
> 
>  de('image/jpeg'))>
> 
>
> key.txt
> 
> anythingyoulikeasanencryptionkey
>
> As you can see in this example the encryption key is stored in a file
called
> key.txt but could just as easily come from a database, either way you can
> change it with ease.  You could even set up a scheduled task to randomise
> the key on an hourly basis if you wanted (depending on just how secure you
> want it).
>
> The file name is also URLEncoded to avoid html characters from messing up
> the string.
>
> If you are running NT4 you probably have the image I used as an example on
> your system, and it is not in the web servers path anywhere, yet will
> display correctly.  You will also be able to see (by viewing source) that
> the chance of anyone guessing a correct sequence is remote at best. Using
> "anythingyoulikeasanencryptionkey" as the key the img tag becomes...
>
> 
src="picture.cfm?picture=G6%205OOB%29RHZN%5B5%3FOPH%5E%5C%26E%5BF%2AITD1P%2D
> N2BZ%29%257A%2A%23N%28WP%3D8%3EW6%3AF%3B%0A">
>
> and if that isn't secure enough for you, then nothing is!
>
> The supplied code will work fine for .gif, .jpg and .jpeg images, but you
> will have to modify it slightly if you use png or other formats.
>
> Have fun.
>
> --
> James Smith
> [EMAIL PROTECTED]
>
>
> --

> Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
> To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or
send a message to [EMAIL PROTECTED] with 'unsubscribe' in
the body.
>

--
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
To Unsubscribe visit 
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a 
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.

Re: Protecting Content / content leeching... A CF method?

2000-10-01 Thread James Smith


To expand on this a little further, you could use the following code...

index.cfm




picture.cfm






key.txt

anythingyoulikeasanencryptionkey

As you can see in this example the encryption key is stored in a file called
key.txt but could just as easily come from a database, either way you can
change it with ease.  You could even set up a scheduled task to randomise
the key on an hourly basis if you wanted (depending on just how secure you
want it).

The file name is also URLEncoded to avoid html characters from messing up
the string.

If you are running NT4 you probably have the image I used as an example on
your system, and it is not in the web servers path anywhere, yet will
display correctly.  You will also be able to see (by viewing source) that
the chance of anyone guessing a correct sequence is remote at best. Using
"anythingyoulikeasanencryptionkey" as the key the img tag becomes...



and if that isn't secure enough for you, then nothing is!

The supplied code will work fine for .gif, .jpg and .jpeg images, but you
will have to modify it slightly if you use png or other formats.

Have fun.

--
James Smith
[EMAIL PROTECTED]


--
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
To Unsubscribe visit 
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a 
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.

Re: Protecting Content / content leeching... A CF method?

2000-09-29 Thread James Smith


The method I have used in the past goes something like this...

index.cfm
--

--

picture.cfm
--

--

You can then use any path you like in the file attribute of the cfcontent
tag to push a picture from a non-web-accessible directory.  It can be
dynamic as well if you choose, for example



all the user will see as the image name is "picture.cfm?picture=1".

I am sure if you wanted you could use



and really confuse the viewer :-)

Hope this gives you a start in the correct direction.

- Original Message -
From: "Stewart McGowan" <[EMAIL PROTECTED]>
To: "CF-Talk" <[EMAIL PROTECTED]>
Sent: Friday, September 29, 2000 4:39 PM
Subject: RE: Protecting Content / content leeching... A CF method?


> "problem is that CF mappings, as far as I know, do not work with the IMG
> tag, let alone the EMBED tag"
>
>
> setup global variable with a mapping then use in the img tag, that works
> fine
>
> 
> 
>
>  src="#application.image_path#/menu.gif" width="600"
> height="65" border="0" usemap="#m_menu">
>
>
> and now i really am off :)
>
> Stew
>
>
>
> --

> Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
> To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or
send a message to [EMAIL PROTECTED] with 'unsubscribe' in
the body.

--
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
To Unsubscribe visit 
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a 
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.

RE: Protecting Content / content leeching... A CF method?

2000-09-29 Thread Nadir Ait-Laoussine


This message is in MIME format. Since your mail reader does not understand
this format, some or all of this message may not be legible.

--_=_NextPart_001_01C02A30.6C80DB13
Content-Type: text/plain;
charset="iso-8859-1"

Thank you Stewart

-Original Message-
From: Stewart McGowan [mailto:[EMAIL PROTECTED]]
Sent: Friday, September 29, 2000 11:39 AM
To: CF-Talk
Subject: RE: Protecting Content / content leeching... A CF method?


"problem is that CF mappings, as far as I know, do not work with the IMG
tag, let alone the EMBED tag"


setup global variable with a mapping then use in the img tag, that works
fine







and now i really am off :)

Stew




--
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or
send a message to [EMAIL PROTECTED] with 'unsubscribe' in
the body.

--_=_NextPart_001_01C02A30.6C80DB13
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable






RE: Protecting Content / content leeching... A CF =
method?



Thank you Stewart


-Original Message-
From: Stewart McGowan [mailto:[EMAIL PROTECTED]">mailto:Stewart.McGowan@w=
eir-tech.co.uk]
Sent: Friday, September 29, 2000 11:39 AM
To: CF-Talk
Subject: RE: Protecting Content / content =
leeching... A CF method?



"problem is that CF mappings, as far as I know, =
do not work with the IMG
tag, let alone the EMBED tag"



setup global variable with a mapping then use in the =
img tag, that works
fine


<CFSET =
application.root_path=3D"datanet">
<CFSET =
application.image_path=3D"#application.root_path#/Images/">=



<IMG name=3D"menu"
src=3D"<CFOUTPUT>#application.image_path#/</CFOUT=
PUT>menu.gif" width=3D"600"
height=3D"65" border=3D"0" =
usemap=3D"#m_menu">



and now i really am off :)


Stew




---=
---
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/" =
TARGET=3D"_blank">http://www.mail-archive.com/cf-talk@houseoffusion.com/=

To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=3Dlists&body=3Dli=
sts/cf_talk" =
TARGET=3D"_blank">http://www.houseoffusion.com/index.cfm?sidebar=3Dlists=
&body=3Dlists/cf_talk or send a message to =
[EMAIL PROTECTED] with 'unsubscribe' in the =
body.



--_=_NextPart_001_01C02A30.6C80DB13--
--
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
To Unsubscribe visit 
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a 
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.

RE: Protecting Content / content leeching... A CF method?

2000-09-29 Thread Gavin Myers


i get it now...

okay to show an image but to mask the source it is coming from...
well, this isn't totally secure but what about renaming each file to
something like

logo_aoighoaihgoaoo31905u3051.jpg
welcome_apgaahha939393593595931.jpg
hello_09q3570931209275029602.jpg
contactus_3-699696969696.jpg

even though they know where the files are coming from, if they dont have
names like "Logo.jpg" they wouldn't be able to just guess the other files in
there. the logo_ part of it helps the programmer to know what file it is..
but the wopitywoihwohgow.jpg part makes it almost impossible for someone to
just guess it


-Original Message-
From: Nadir Ait-Laoussine [mailto:[EMAIL PROTECTED]]
Sent: Friday, September 29, 2000 10:34 AM
To: CF-Talk
Cc: Kristina Patterson; Michael Kilkelly
Subject: RE: Protecting Content / content leeching... A CF method?


This message is in MIME format. Since your mail reader does not understand
this format, some or all of this message may not be legible.

--_=_NextPart_001_01C02A2A.BB0551EA
Content-Type: text/plain;
charset="iso-8859-1"

Gavin, you are not confused, just off base. :)

The issue is not to make a document not available to someone who can see it
but to someone who cannot see it...

Case in point...  the  tag will let you know that a file is
located at /a/b/file.jpg
so you could go to the location bar and look for that image.  You could get
tricky and try to view other files located at that location...
/a/b/anotherfile.jpg.  For us, that is a problem.  The img tag reveals a
little too much information.

So the concern is not so much the document itself, but rather the ability to
figure out where it is located.  It's been recommended to me to use CF
mappings to substitue for that, problem is that CF mappings, as far as I
know, do not work with the IMG tag, let alone the EMBED tag.

So I am left with the CFCONTENT tag, problem with the content tag is that it
takes over the entire screen.  I've tried to embed it in a layer or IFRAME,
but it still takes over the whole window.

There are a few PERL scripts out there that "mask" the path to the file.  So
by typing www.mydomain.com/getstuff.cgi?image.jpg, the script would display
the image but masking it's location (which in reality is not a web location,
but a physical location on the web server [c:\...]) This works well except
that all the scripts that I have tried choke (by that I mean render only
part of) the file.  regardless of the MIME type.  I think the problem is
that those scripts were written on UNIX, and we are on WIN2K.

So that is where we are.

Note that the last option (the PERL option) is still not exactly what we are
looking for because of
1. security problems with CGI scripts in general
2. it does not work with the IMG tag.

Nadir


-Original Message-
From: Gavin Myers [mailto:[EMAIL PROTECTED]]
Sent: Friday, September 29, 2000 9:37 AM
To: CF-Talk
Subject: RE: Protecting Content / content leeching... A CF method?


I'm kinda confused (hah!) but isn't it technically impossible to protect any
content that the person can see?

In order to see an image/pdf/text file it has to be downloaded - therefore
it is accessable. There is no possible way to protect an image from being
taken (SnagIT).

or am i off subject?

-Original Message-
From: Bosky, Dave [mailto:[EMAIL PROTECTED]]
Sent: Friday, September 29, 2000 7:02 AM
To: CF-Talk
Subject: RE: Protecting Content / content leeching... A CF method?


I'm having trouble displaying the pdf in netscape it doesn't give me the
navigational toolbar at the top of the document.
Any ideas what would cause netscape to act this way?
Thanks,
Dave
  

> -Original Message-
> From: Hayes, David [SMTP:[EMAIL PROTECTED]]
> Sent: Thursday, September 28, 2000 4:54 PM
> To:   CF-Talk
> Subject:  RE: Protecting Content / content leeching... A CF method?
> 
> FYI - It's working fine on my machine; acrobat reader loads and the pdf is
> displayed properly.
> 
> -Original Message-
> From: Nadir Ait-Laoussine [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, September 28, 2000 1:40 PM
> To: CF-Talk
> Subject: RE: Protecting Content / content leeching... A CF method?
> 
> 
> This message is in MIME format. Since your mail reader does not understand
> this format, some or all of this message may not be legible.
> 
> --_=_NextPart_001_01C0297B.7F2629C8
> Content-Type: text/plain;
>   charset="iso-8859-1"
> 
> Rob, thanks for the feedback.
> 
> For PDF files I am using the standard MIME types.
> 
> Here is my code.
> 
>  deletefile="No">
> 
> You can go to 
> http://www.edificium.com/imagetest/getstuff.cfm?bob=pdf to see the (awful
> mess of a) result
> 
> 
> On the second part of your message, if I do use the CF directory

RE: Protecting Content / content leeching... A CF method?

2000-09-29 Thread Stewart McGowan


"problem is that CF mappings, as far as I know, do not work with the IMG
tag, let alone the EMBED tag"


setup global variable with a mapping then use in the img tag, that works
fine







and now i really am off :)

Stew



--
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
To Unsubscribe visit 
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a 
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.

RE: Protecting Content / content leeching... A CF method?

2000-09-29 Thread Nadir Ait-Laoussine

This message is in MIME format. Since your mail reader does not understand
this format, some or all of this message may not be legible.

--_=_NextPart_001_01C02A2A.BB0551EA
Content-Type: text/plain;
charset="iso-8859-1"

Gavin, you are not confused, just off base. :)

The issue is not to make a document not available to someone who can see it
but to someone who cannot see it...

Case in point...  the  tag will let you know that a file is
located at /a/b/file.jpg
so you could go to the location bar and look for that image.  You could get
tricky and try to view other files located at that location...
/a/b/anotherfile.jpg.  For us, that is a problem.  The img tag reveals a
little too much information.

So the concern is not so much the document itself, but rather the ability to
figure out where it is located.  It's been recommended to me to use CF
mappings to substitue for that, problem is that CF mappings, as far as I
know, do not work with the IMG tag, let alone the EMBED tag.

So I am left with the CFCONTENT tag, problem with the content tag is that it
takes over the entire screen.  I've tried to embed it in a layer or IFRAME,
but it still takes over the whole window.

There are a few PERL scripts out there that "mask" the path to the file.  So
by typing www.mydomain.com/getstuff.cgi?image.jpg, the script would display
the image but masking it's location (which in reality is not a web location,
but a physical location on the web server [c:\...]) This works well except
that all the scripts that I have tried choke (by that I mean render only
part of) the file.  regardless of the MIME type.  I think the problem is
that those scripts were written on UNIX, and we are on WIN2K.

So that is where we are.

Note that the last option (the PERL option) is still not exactly what we are
looking for because of
1. security problems with CGI scripts in general
2. it does not work with the IMG tag.

Nadir

-Original Message-
From: Gavin Myers [mailto:[EMAIL PROTECTED]]
Sent: Friday, September 29, 2000 9:37 AM
To: CF-Talk
Subject: RE: Protecting Content / content leeching... A CF method?

I'm kinda confused (hah!) but isn't it technically impossible to protect any
content that the person can see?

In order to see an image/pdf/text file it has to be downloaded - therefore
it is accessable. There is no possible way to protect an image from being
taken (SnagIT).

or am i off subject?

-Original Message-
From: Bosky, Dave [mailto:[EMAIL PROTECTED]]
Sent: Friday, September 29, 2000 7:02 AM
To: CF-Talk
Subject: RE: Protecting Content / content leeching... A CF method?

I'm having trouble displaying the pdf in netscape it doesn't give me the
navigational toolbar at the top of the document.
Any ideas what would cause netscape to act this way?
Thanks,
Dave

> -Original Message-
> From: Hayes, David [SMTP:[EMAIL PROTECTED]]
> Sent: Thursday, September 28, 2000 4:54 PM
> To:   CF-Talk
> Subject:  RE: Protecting Content / content leeching... A CF method?
> 
> FYI - It's working fine on my machine; acrobat reader loads and the pdf is
> displayed properly.
> 
> -Original Message-
> From: Nadir Ait-Laoussine [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, September 28, 2000 1:40 PM
> To: CF-Talk
> Subject: RE: Protecting Content / content leeching... A CF method?
> 
> 
> This message is in MIME format. Since your mail reader does not understand
> this format, some or all of this message may not be legible.
> 
> --_=_NextPart_001_01C0297B.7F2629C8
> Content-Type: text/plain;
>   charset="iso-8859-1"
> 
> Rob, thanks for the feedback.
> 
> For PDF files I am using the standard MIME types.
> 
> Here is my code.
> 
>  deletefile="No">
> 
> You can go to 
> http://www.edificium.com/imagetest/getstuff.cfm?bob=pdf to see the (awful
> mess of a) result
> 
> 
> On the second part of your message, if I do use the CF directory mappings,
> aren't I suddenly unable to user the   tag - is there a
> work
> around?
> 
> Thanks fo ryou help
> Nadir
> 
> -Original Message-
> From: Rob Keniger [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, September 28, 2000 12:48 AM
> To: CF-Talk
> Subject: Re: Protecting Content / content leeching... A CF method?
> 
> 
> on 9/28/00 7:28 AM, Nadir Ait-Laoussine at [EMAIL PROTECTED] wrote:
> 
> > Now, I've been
> > recommended to user CFCONTENT, the problem with CFCONTENT is that it
> just
> > spews out the content, so a PDF file (even if I specify the mime type)
> will
> > come not come out as a PDF file, but some garbled text.
> 
> What MIME type are you using for PDFs? What you describe works perfectly
> for
> me.
> 
> You could also try using CF directory ma

RE: Protecting Content / content leeching... A CF method?

2000-09-29 Thread Robert Everland III


Well what I would do is make a coldfusion template up that called it from a
location that was inaccessible from a webserver. That way you could have a
log in and password and even have a database that tells it how many times
someone can view it. Or have a date as to when it expires so they can be no
leeching.


bob Everland

-Original Message-
From: Gavin Myers [mailto:[EMAIL PROTECTED]]
Sent: Friday, September 29, 2000 9:37 AM
To: CF-Talk
Subject: RE: Protecting Content / content leeching... A CF method?


I'm kinda confused (hah!) but isn't it technically impossible to protect any
content that the person can see?

In order to see an image/pdf/text file it has to be downloaded - therefore
it is accessable. There is no possible way to protect an image from being
taken (SnagIT).

or am i off subject?

-Original Message-
From: Bosky, Dave [mailto:[EMAIL PROTECTED]]
Sent: Friday, September 29, 2000 7:02 AM
To: CF-Talk
Subject: RE: Protecting Content / content leeching... A CF method?


I'm having trouble displaying the pdf in netscape it doesn't give me the
navigational toolbar at the top of the document.
Any ideas what would cause netscape to act this way?
Thanks,
Dave


> -Original Message-
> From: Hayes, David [SMTP:[EMAIL PROTECTED]]
> Sent: Thursday, September 28, 2000 4:54 PM
> To:   CF-Talk
> Subject:  RE: Protecting Content / content leeching... A CF method?
>
> FYI - It's working fine on my machine; acrobat reader loads and the pdf is
> displayed properly.
>
> -Original Message-
> From: Nadir Ait-Laoussine [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, September 28, 2000 1:40 PM
> To: CF-Talk
> Subject: RE: Protecting Content / content leeching... A CF method?
>
>
> This message is in MIME format. Since your mail reader does not understand
> this format, some or all of this message may not be legible.
>
> --_=_NextPart_001_01C0297B.7F2629C8
> Content-Type: text/plain;
>   charset="iso-8859-1"
>
> Rob, thanks for the feedback.
>
> For PDF files I am using the standard MIME types.
>
> Here is my code.
>
>  deletefile="No">
>
> You can go to
> http://www.edificium.com/imagetest/getstuff.cfm?bob=pdf to see the (awful
> mess of a) result
>
>
> On the second part of your message, if I do use the CF directory mappings,
> aren't I suddenly unable to user the   tag - is there a
> work
> around?
>
> Thanks fo ryou help
> Nadir
>
> -Original Message-
> From: Rob Keniger [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, September 28, 2000 12:48 AM
> To: CF-Talk
> Subject: Re: Protecting Content / content leeching... A CF method?
>
>
> on 9/28/00 7:28 AM, Nadir Ait-Laoussine at [EMAIL PROTECTED] wrote:
>
> > Now, I've been
> > recommended to user CFCONTENT, the problem with CFCONTENT is that it
> just
> > spews out the content, so a PDF file (even if I specify the mime type)
> will
> > come not come out as a PDF file, but some garbled text.
>
> What MIME type are you using for PDFs? What you describe works perfectly
> for
> me.
>
> You could also try using CF directory mappings - these will prevent anyone
> directly accessing the files if you point them outside the Web root
> directory.
>
> Rob Keniger
> [EMAIL PROTECTED]
> __
> __
>
> big bang solutions
> <http://www.bigbang.net.au> p +61 7 3311 2733  f +61 7 3311
> 2744
> __
> __
>
>
> --
> --
> --
> Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
> To Unsubscribe visit
> http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or
> send a message to [EMAIL PROTECTED] with 'unsubscribe' in
> the body.
>
> --_=_NextPart_001_01C0297B.7F2629C8
> Content-Type: text/html;
>   charset="iso-8859-1"
> Content-Transfer-Encoding: quoted-printable
>
> 
> 
> 
>  charset=3Diso-8859-1">
>  5.5.2650.12">
> RE: Protecting Content / content leeching... A CF =
> method?
> 
> 
>
> Rob, thanks for the feedback.
> 
>
> For PDF files I am using the standard MIME =
> types.
> 
>
> Here is my code.
> 
>
> <cfcontent type=3D"application/pdf" =
> file=3D"F:\projectdata\1\1\test.pdf" =
> deletefile=3D"No">
> 
>
> You can go to 
>  HREF=3D"http://www.edificium.com/imagetest/getstuff.cfm?bob=3Dpdf" =
> TARGET=3D"_blank">http://www.edificium.c

RE: Protecting Content / content leeching... A CF method?

2000-09-29 Thread Gavin Myers


I'm kinda confused (hah!) but isn't it technically impossible to protect any
content that the person can see?

In order to see an image/pdf/text file it has to be downloaded - therefore
it is accessable. There is no possible way to protect an image from being
taken (SnagIT).

or am i off subject?

-Original Message-
From: Bosky, Dave [mailto:[EMAIL PROTECTED]]
Sent: Friday, September 29, 2000 7:02 AM
To: CF-Talk
Subject: RE: Protecting Content / content leeching... A CF method?


I'm having trouble displaying the pdf in netscape it doesn't give me the
navigational toolbar at the top of the document.
Any ideas what would cause netscape to act this way?
Thanks,
Dave
  

> -Original Message-
> From: Hayes, David [SMTP:[EMAIL PROTECTED]]
> Sent: Thursday, September 28, 2000 4:54 PM
> To:   CF-Talk
> Subject:  RE: Protecting Content / content leeching... A CF method?
> 
> FYI - It's working fine on my machine; acrobat reader loads and the pdf is
> displayed properly.
> 
> -Original Message-
> From: Nadir Ait-Laoussine [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, September 28, 2000 1:40 PM
> To: CF-Talk
> Subject: RE: Protecting Content / content leeching... A CF method?
> 
> 
> This message is in MIME format. Since your mail reader does not understand
> this format, some or all of this message may not be legible.
> 
> --_=_NextPart_001_01C0297B.7F2629C8
> Content-Type: text/plain;
>   charset="iso-8859-1"
> 
> Rob, thanks for the feedback.
> 
> For PDF files I am using the standard MIME types.
> 
> Here is my code.
> 
>  deletefile="No">
> 
> You can go to 
> http://www.edificium.com/imagetest/getstuff.cfm?bob=pdf to see the (awful
> mess of a) result
> 
> 
> On the second part of your message, if I do use the CF directory mappings,
> aren't I suddenly unable to user the   tag - is there a
> work
> around?
> 
> Thanks fo ryou help
> Nadir
> 
> -Original Message-
> From: Rob Keniger [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, September 28, 2000 12:48 AM
> To: CF-Talk
> Subject: Re: Protecting Content / content leeching... A CF method?
> 
> 
> on 9/28/00 7:28 AM, Nadir Ait-Laoussine at [EMAIL PROTECTED] wrote:
> 
> > Now, I've been
> > recommended to user CFCONTENT, the problem with CFCONTENT is that it
> just
> > spews out the content, so a PDF file (even if I specify the mime type)
> will
> > come not come out as a PDF file, but some garbled text.
> 
> What MIME type are you using for PDFs? What you describe works perfectly
> for
> me.
> 
> You could also try using CF directory mappings - these will prevent anyone
> directly accessing the files if you point them outside the Web root
> directory.
> 
> Rob Keniger
> [EMAIL PROTECTED]
> __
> __
> 
> big bang solutions
> <http://www.bigbang.net.au> p +61 7 3311 2733  f +61 7 3311
> 2744
> __
> __
> 
> 
> --
> --
> --
> Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
> To Unsubscribe visit
> http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or
> send a message to [EMAIL PROTECTED] with 'unsubscribe' in
> the body.
> 
> --_=_NextPart_001_01C0297B.7F2629C8
> Content-Type: text/html;
>   charset="iso-8859-1"
> Content-Transfer-Encoding: quoted-printable
> 
> 
> 
> 
>  charset=3Diso-8859-1">
>  5.5.2650.12">
> RE: Protecting Content / content leeching... A CF =
> method?
> 
> 
> 
> Rob, thanks for the feedback.
> 
> 
> For PDF files I am using the standard MIME =
> types.
> 
> 
> Here is my code.
> 
> 
> <cfcontent type=3D"application/pdf" =
> file=3D"F:\projectdata\1\1\test.pdf" =
> deletefile=3D"No">
> 
> 
> You can go to 
>  HREF=3D"http://www.edificium.com/imagetest/getstuff.cfm?bob=3Dpdf" =
> TARGET=3D"_blank">http://www.edificium.com/imagetest/getstuff.cfm?bob=3D=
> pdf to see the (awful mess of a) result
> 
> 
> 
> On the second part of your message, if I do use the =
> CF directory mappings, aren't I suddenly unable to user the  =
> <img src=3D"..."> tag - is there a work =
> around?
> 
> Thanks fo ryou help
> Nadir
> 
> 
> -Original Message-
> From: Rob Keniger [ HREF=3D"mailto:[EMAIL PROTECTED]">mailto:[EMAIL PROTECTED]]=
>

RE: Protecting Content / content leeching... A CF method?

2000-09-29 Thread Bosky, Dave


I'm having trouble displaying the pdf in netscape it doesn't give me the
navigational toolbar at the top of the document.
Any ideas what would cause netscape to act this way?
Thanks,
Dave
  

> -Original Message-
> From: Hayes, David [SMTP:[EMAIL PROTECTED]]
> Sent: Thursday, September 28, 2000 4:54 PM
> To:   CF-Talk
> Subject:      RE: Protecting Content / content leeching... A CF method?
> 
> FYI - It's working fine on my machine; acrobat reader loads and the pdf is
> displayed properly.
> 
> -Original Message-
> From: Nadir Ait-Laoussine [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, September 28, 2000 1:40 PM
> To: CF-Talk
> Subject: RE: Protecting Content / content leeching... A CF method?
> 
> 
> This message is in MIME format. Since your mail reader does not understand
> this format, some or all of this message may not be legible.
> 
> --_=_NextPart_001_01C0297B.7F2629C8
> Content-Type: text/plain;
>   charset="iso-8859-1"
> 
> Rob, thanks for the feedback.
> 
> For PDF files I am using the standard MIME types.
> 
> Here is my code.
> 
>  deletefile="No">
> 
> You can go to 
> http://www.edificium.com/imagetest/getstuff.cfm?bob=pdf to see the (awful
> mess of a) result
> 
> 
> On the second part of your message, if I do use the CF directory mappings,
> aren't I suddenly unable to user the   tag - is there a
> work
> around?
> 
> Thanks fo ryou help
> Nadir
> 
> -Original Message-
> From: Rob Keniger [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, September 28, 2000 12:48 AM
> To: CF-Talk
> Subject: Re: Protecting Content / content leeching... A CF method?
> 
> 
> on 9/28/00 7:28 AM, Nadir Ait-Laoussine at [EMAIL PROTECTED] wrote:
> 
> > Now, I've been
> > recommended to user CFCONTENT, the problem with CFCONTENT is that it
> just
> > spews out the content, so a PDF file (even if I specify the mime type)
> will
> > come not come out as a PDF file, but some garbled text.
> 
> What MIME type are you using for PDFs? What you describe works perfectly
> for
> me.
> 
> You could also try using CF directory mappings - these will prevent anyone
> directly accessing the files if you point them outside the Web root
> directory.
> 
> Rob Keniger
> [EMAIL PROTECTED]
> __
> __
> 
> big bang solutions
> <http://www.bigbang.net.au> p +61 7 3311 2733  f +61 7 3311
> 2744
> __
> __
> 
> 
> --
> --
> --
> Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
> To Unsubscribe visit
> http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or
> send a message to [EMAIL PROTECTED] with 'unsubscribe' in
> the body.
> 
> --_=_NextPart_001_01C0297B.7F2629C8
> Content-Type: text/html;
>   charset="iso-8859-1"
> Content-Transfer-Encoding: quoted-printable
> 
> 
> 
> 
>  charset=3Diso-8859-1">
>  5.5.2650.12">
> RE: Protecting Content / content leeching... A CF =
> method?
> 
> 
> 
> Rob, thanks for the feedback.
> 
> 
> For PDF files I am using the standard MIME =
> types.
> 
> 
> Here is my code.
> 
> 
> <cfcontent type=3D"application/pdf" =
> file=3D"F:\projectdata\1\1\test.pdf" =
> deletefile=3D"No">
> 
> 
> You can go to 
>  HREF=3D"http://www.edificium.com/imagetest/getstuff.cfm?bob=3Dpdf" =
> TARGET=3D"_blank">http://www.edificium.com/imagetest/getstuff.cfm?bob=3D=
> pdf to see the (awful mess of a) result
> 
> 
> 
> On the second part of your message, if I do use the =
> CF directory mappings, aren't I suddenly unable to user the  =
> <img src=3D"..."> tag - is there a work =
> around?
> 
> Thanks fo ryou help
> Nadir
> 
> 
> -Original Message-
> From: Rob Keniger [ HREF=3D"mailto:[EMAIL PROTECTED]">mailto:[EMAIL PROTECTED]]=
> 
> Sent: Thursday, September 28, 2000 12:48 AM
> To: CF-Talk
> Subject: Re: Protecting Content / content =
> leeching... A CF method?
> 
> 
> 
> on 9/28/00 7:28 AM, Nadir Ait-Laoussine at =
> [EMAIL PROTECTED] wrote:
> 
> 
> > Now, I've been
> > recommended to user CFCONTENT, the problem with =
> CFCONTENT is that it just
> > spews out the content, so a PDF file (even if I =
> specify the mime type) will
> > come not come out as a

Re: Protecting Content / content leeching... A CF method?

2000-09-28 Thread Rob Keniger

on 9/29/00 4:39 AM, Nadir Ait-Laoussine at [EMAIL PROTECTED] wrote:

> For PDF files I am using the standard MIME types.
> 
> Here is my code.
> 
>  deletefile="No">
> 
> You can go to 
> http://www.edificium.com/imagetest/getstuff.cfm?bob=pdf to see the (awful
> mess of a) result

Nadir, the code appears correct  - the page you mention is working fine on
my systems - I tried Win IE5.5, Win Netscape 4.75, Mac IE 5 and Mac Netscape
4.75 - all correctly displayed the PDF.

I think it's most likely that your browser's Application mappings are a bit
screwy - have you tried reinstalling Acrobat?

Rob Keniger

big bang solutions

--
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
To Unsubscribe visit 
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a 
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.

RE: Protecting Content / content leeching... A CF method?

2000-09-28 Thread Steve Bernard

I would guess that the Solaris build doesn't have ODBC drivers for FoxPro.
That's a guess though since I don't run CF on Solaris.

Steve

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Thursday, September 28, 2000 5:30 PM
To: CF-Talk
Subject: RE: Protecting Content / content leeching... A CF method?

Hello Everyone,

Does anyone know what syntax works for SQL Query using CF 4.5.1 (Solaris)
and Foxpro v3.0 ODBC connection for a statement like this:

SELECT pohdr.po_number, pohdr.vend_name, pohdr.vendor_id, pohdr.po_amount,
pohdr.org_po_dt, pohdr.pay_term, pohdr.ship_to_nm, pohdr.ord_status,
podtl.itm_glmoco, podtl.ln_sta, podtl.ln_no, podtl.prom_dock
FROM  pohdr, podtl

#where#
order by pohdr.po_number

When I test on my server with NT installation of cf 4.5.1, it works fine but
not on the client solaris server.  Any suggestions are very much
appreciated.

Thanks,
Nehal

--
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
To Unsubscribe visit 
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a 
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.

RE: Protecting Content / content leeching... A CF method?

2000-09-28 Thread [EMAIL PROTECTED]


Hello Everyone,

Does anyone know what syntax works for SQL Query using CF 4.5.1 (Solaris)
and Foxpro v3.0 ODBC connection for a statement like this:


SELECT pohdr.po_number, pohdr.vend_name, pohdr.vendor_id, pohdr.po_amount,
pohdr.org_po_dt, pohdr.pay_term, pohdr.ship_to_nm, pohdr.ord_status,
podtl.itm_glmoco, podtl.ln_sta, podtl.ln_no, podtl.prom_dock
FROM  pohdr, podtl

#where#
order by pohdr.po_number


When I test on my server with NT installation of cf 4.5.1, it works fine but
not on the client solaris server.  Any suggestions are very much
appreciated.

Thanks,
Nehal


--
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or
send a message to [EMAIL PROTECTED] with 'unsubscribe' in
the body.

--
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
To Unsubscribe visit 
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a 
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.

RE: Protecting Content / content leeching... A CF method?

2000-09-28 Thread Hayes, David

FYI - It's working fine on my machine; acrobat reader loads and the pdf is
displayed properly.

-Original Message-
From: Nadir Ait-Laoussine [mailto:[EMAIL PROTECTED]]
Sent: Thursday, September 28, 2000 1:40 PM
To: CF-Talk
Subject: RE: Protecting Content / content leeching... A CF method?

This message is in MIME format. Since your mail reader does not understand
this format, some or all of this message may not be legible.

--_=_NextPart_001_01C0297B.7F2629C8
Content-Type: text/plain;
charset="iso-8859-1"

Rob, thanks for the feedback.

For PDF files I am using the standard MIME types.

Here is my code.

You can go to 
http://www.edificium.com/imagetest/getstuff.cfm?bob=pdf to see the (awful
mess of a) result

On the second part of your message, if I do use the CF directory mappings,
aren't I suddenly unable to user the   tag - is there a work
around?

Thanks fo ryou help
Nadir

-Original Message-
From: Rob Keniger [mailto:[EMAIL PROTECTED]]
Sent: Thursday, September 28, 2000 12:48 AM
To: CF-Talk
Subject: Re: Protecting Content / content leeching... A CF method?

on 9/28/00 7:28 AM, Nadir Ait-Laoussine at [EMAIL PROTECTED] wrote:

> Now, I've been
> recommended to user CFCONTENT, the problem with CFCONTENT is that it just
> spews out the content, so a PDF file (even if I specify the mime type)
will
> come not come out as a PDF file, but some garbled text.

What MIME type are you using for PDFs? What you describe works perfectly for
me.

You could also try using CF directory mappings - these will prevent anyone
directly accessing the files if you point them outside the Web root
directory.

Rob Keniger   [EMAIL PROTECTED]

big bang solutions
<http://www.bigbang.net.au> p +61 7 3311 2733  f +61 7 3311 2744

--
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or
send a message to [EMAIL PROTECTED] with 'unsubscribe' in
the body.

--_=_NextPart_001_01C0297B.7F2629C8
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

RE: Protecting Content / content leeching... A CF =
method?

Rob, thanks for the feedback.

For PDF files I am using the standard MIME =
types.

Here is my code.

<cfcontent type=3D"application/pdf" =
file=3D"F:\projectdata\1\1\test.pdf" =
deletefile=3D"No">

You can go to 
http://www.edificium.com/imagetest/getstuff.cfm?bob=3Dpdf" =
TARGET=3D"_blank">http://www.edificium.com/imagetest/getstuff.cfm?bob=3D=
pdf to see the (awful mess of a) result

On the second part of your message, if I do use the =
CF directory mappings, aren't I suddenly unable to user the  =
<img src=3D"..."> tag - is there a work =
around?

Thanks fo ryou help
Nadir

-Original Message-
From: Rob Keniger [mailto:[EMAIL PROTECTED]">mailto:[EMAIL PROTECTED]]=

Sent: Thursday, September 28, 2000 12:48 AM
To: CF-Talk
Subject: Re: Protecting Content / content =
leeching... A CF method?

on 9/28/00 7:28 AM, Nadir Ait-Laoussine at =
[EMAIL PROTECTED] wrote:

> Now, I've been
> recommended to user CFCONTENT, the problem with =
CFCONTENT is that it just
> spews out the content, so a PDF file (even if I =
specify the mime type) will
> come not come out as a PDF file, but some =
garbled text.

What MIME type are you using for PDFs? What you =
describe works perfectly for
me.

You could also try using CF directory mappings - =
these will prevent anyone
directly accessing the files if you point them =
outside the Web root
directory.

Rob =
Keniger   =
;=
;=
;    =
[EMAIL PROTECTED]
___=
_

big bang solutions
<http://www.bigbang.net.au" =
TARGET=3D"_blank">http://www.bigbang.net.au>   &nb=
sp; p +61 7 3311 =
2733  f +61 7 3311 2744
___=
_

---=
---
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/" =
TARGET=3D"_blank">http://www.mail-archive.com/cf-talk@houseoffusion.com/=

To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=3Dlists&body=3Dli=
sts/cf_talk" =
TARGET=3D"_blank">http://www.houseoffusion.com/index.cfm?sidebar=3Dlists=
&body=3Dlists/cf_talk or send a message to =
[EMAIL PROTECTED] with '

RE: Protecting Content / content leeching... A CF method?

2000-09-28 Thread Nadir Ait-Laoussine

This message is in MIME format. Since your mail reader does not understand
this format, some or all of this message may not be legible.

--_=_NextPart_001_01C0297B.7F2629C8
Content-Type: text/plain;
charset="iso-8859-1"

Rob, thanks for the feedback.

For PDF files I am using the standard MIME types.

Here is my code.

You can go to 
http://www.edificium.com/imagetest/getstuff.cfm?bob=pdf to see the (awful
mess of a) result

On the second part of your message, if I do use the CF directory mappings,
aren't I suddenly unable to user the   tag - is there a work
around?

Thanks fo ryou help
Nadir

-Original Message-
From: Rob Keniger [mailto:[EMAIL PROTECTED]]
Sent: Thursday, September 28, 2000 12:48 AM
To: CF-Talk
Subject: Re: Protecting Content / content leeching... A CF method?

on 9/28/00 7:28 AM, Nadir Ait-Laoussine at [EMAIL PROTECTED] wrote:

> Now, I've been
> recommended to user CFCONTENT, the problem with CFCONTENT is that it just
> spews out the content, so a PDF file (even if I specify the mime type)
will
> come not come out as a PDF file, but some garbled text.

What MIME type are you using for PDFs? What you describe works perfectly for
me.

You could also try using CF directory mappings - these will prevent anyone
directly accessing the files if you point them outside the Web root
directory.

Rob Keniger   [EMAIL PROTECTED]

big bang solutions
<http://www.bigbang.net.au> p +61 7 3311 2733  f +61 7 3311 2744

--
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or
send a message to [EMAIL PROTECTED] with 'unsubscribe' in
the body.

--_=_NextPart_001_01C0297B.7F2629C8
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

RE: Protecting Content / content leeching... A CF =
method?

Rob, thanks for the feedback.

For PDF files I am using the standard MIME =
types.

Here is my code.

<cfcontent type=3D"application/pdf" =
file=3D"F:\projectdata\1\1\test.pdf" =
deletefile=3D"No">

You can go to 
http://www.edificium.com/imagetest/getstuff.cfm?bob=3Dpdf" =
TARGET=3D"_blank">http://www.edificium.com/imagetest/getstuff.cfm?bob=3D=
pdf to see the (awful mess of a) result

On the second part of your message, if I do use the =
CF directory mappings, aren't I suddenly unable to user the  =
<img src=3D"..."> tag - is there a work =
around?

Thanks fo ryou help
Nadir

-Original Message-
From: Rob Keniger [mailto:[EMAIL PROTECTED]">mailto:[EMAIL PROTECTED]]=

Sent: Thursday, September 28, 2000 12:48 AM
To: CF-Talk
Subject: Re: Protecting Content / content =
leeching... A CF method?

on 9/28/00 7:28 AM, Nadir Ait-Laoussine at =
[EMAIL PROTECTED] wrote:

> Now, I've been
> recommended to user CFCONTENT, the problem with =
CFCONTENT is that it just
> spews out the content, so a PDF file (even if I =
specify the mime type) will
> come not come out as a PDF file, but some =
garbled text.

What MIME type are you using for PDFs? What you =
describe works perfectly for
me.

You could also try using CF directory mappings - =
these will prevent anyone
directly accessing the files if you point them =
outside the Web root
directory.

Rob =
Keniger   =
;=
;=
;    =
[EMAIL PROTECTED]
___=
_

big bang solutions
<http://www.bigbang.net.au" =
TARGET=3D"_blank">http://www.bigbang.net.au>   &nb=
sp; p +61 7 3311 =
2733  f +61 7 3311 2744
___=
_

---=
---
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/" =
TARGET=3D"_blank">http://www.mail-archive.com/cf-talk@houseoffusion.com/=

To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=3Dlists&body=3Dli=
sts/cf_talk" =
TARGET=3D"_blank">http://www.houseoffusion.com/index.cfm?sidebar=3Dlists=
&body=3Dlists/cf_talk or send a message to =
[EMAIL PROTECTED] with 'unsubscribe' in the =
body.

--_=_NextPart_001_01C0297B.7F2629C8--
--
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
To Unsubscribe visit 
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a 
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.

Re: Protecting Content / content leeching... A CF method?

2000-09-28 Thread Rob Keniger


on 9/28/00 7:28 AM, Nadir Ait-Laoussine at [EMAIL PROTECTED] wrote:

> Now, I've been
> recommended to user CFCONTENT, the problem with CFCONTENT is that it just
> spews out the content, so a PDF file (even if I specify the mime type) will
> come not come out as a PDF file, but some garbled text.

What MIME type are you using for PDFs? What you describe works perfectly for
me.

You could also try using CF directory mappings - these will prevent anyone
directly accessing the files if you point them outside the Web root
directory.

Rob Keniger   [EMAIL PROTECTED]


big bang solutions
 p +61 7 3311 2733  f +61 7 3311 2744



--
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
To Unsubscribe visit 
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a 
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.

Protecting Content / content leeching... A CF method?

2000-09-27 Thread Nadir Ait-Laoussine


This message is in MIME format. Since your mail reader does not understand
this format, some or all of this message may not be legible.

--_=_NextPart_001_01C028C9.F0F149EA
Content-Type: text/plain;
charset="iso-8859-1"

Hello all,
 
we are trying to protect some of our files from accidental access to them.
Hence we have placed all of our files on a non web mapped location on the
server.  Problem is that now we cannot even access .jpg and .gif files.  We
are using cf_download to download the files, but we still would like our
users to view the files themselves.  There are a few PERL scripts that will
allow to "mask" the url by simply feeding them the name of the file. So for
example, if I were to do an  it would
return the image without revealing the real path of the file.  The beauty of
the PERL script is that it can access files that are off line.  The problem
with PERL and CGI is that it can cause a security problem.  Now, I've been
recommended to user CFCONTENT, the problem with CFCONTENT is that it just
spews out the content, so a PDF file (even if I specify the mime type) will
come not come out as a PDF file, but some garbled text.
 
Has anybody had a similar kind of experience?  I am not sure how to proceed.
We are looking into putting content in the SQL 7 DB, but that is not working
very well, as we need to rely on Stored Procedures.  Any suggestions would
be greatly appreciated.
 
Thanks
 
 

--_=_NextPart_001_01C028C9.F0F149EA
Content-Type: text/html;
charset="iso-8859-1"








Hello all,
 
we are trying 
to protect some of our files from accidental access to them.  Hence we have 
placed all of our files on a non web mapped location on the server.  
Problem is that now we cannot even access .jpg and .gif files.  We are 
using cf_download to download the files, but we still would like our users to 
view the files themselves.  There are a few PERL scripts that will allow to 
"mask" the url by simply feeding them the name of the file. So for example, if I 
were to do an  it would return the 
image without revealing the real path of the file.  The beauty of the PERL 
script is that it can access files that are off line.  The problem with 
PERL and CGI is that it can cause a security problem.  Now, I've been 
recommended to user CFCONTENT, the problem with CFCONTENT is that it just spews 
out the content, so a PDF file (even if I specify the mime type) will come not 
come out as a PDF file, but some garbled text.
 
Has anybody had a 
similar kind of experience?  I am not sure how to proceed.  We are 
looking into putting content in the SQL 7 DB, but that is not working very well, 
as we need to rely on Stored Procedures.  Any suggestions would be greatly 
appreciated.
 
Thanks
 
 

--_=_NextPart_001_01C028C9.F0F149EA--
--
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
To Unsubscribe visit 
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a 
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.

Re: Protecting Content

Re: Protecting Content

RE: Protecting Content

RE: Protecting Content

Re: Protecting Content

Protecting Content

RE: Protecting Content ... A nice solution

RE: Protecting Content / content leeching... A CF method?

RE: Protecting Content / content leeching... A CF method?

Re: Protecting Content / content leeching... A CF method?

Re: Protecting Content / content leeching... A CF method?

Re: Protecting Content / content leeching... A CF method?

Re: Protecting Content / content leeching... A CF method?

RE: Protecting Content / content leeching... A CF method?

RE: Protecting Content / content leeching... A CF method?

RE: Protecting Content / content leeching... A CF method?

RE: Protecting Content / content leeching... A CF method?

RE: Protecting Content / content leeching... A CF method?

RE: Protecting Content / content leeching... A CF method?

RE: Protecting Content / content leeching... A CF method?

Re: Protecting Content / content leeching... A CF method?

RE: Protecting Content / content leeching... A CF method?

RE: Protecting Content / content leeching... A CF method?

RE: Protecting Content / content leeching... A CF method?

RE: Protecting Content / content leeching... A CF method?

Re: Protecting Content / content leeching... A CF method?

Protecting Content / content leeching... A CF method?

27 matches

Site Navigation

Mail list logo

Footer information