subject:"RE\: Protecting Content \/ content leeching... A CF method\?"

Re: Protecting Content / content leeching... A CF method?

2000-09-28 Thread Rob Keniger


on 9/28/00 7:28 AM, Nadir Ait-Laoussine at [EMAIL PROTECTED] wrote:

> Now, I've been
> recommended to user CFCONTENT, the problem with CFCONTENT is that it just
> spews out the content, so a PDF file (even if I specify the mime type) will
> come not come out as a PDF file, but some garbled text.

What MIME type are you using for PDFs? What you describe works perfectly for
me.

You could also try using CF directory mappings - these will prevent anyone
directly accessing the files if you point them outside the Web root
directory.

Rob Keniger   [EMAIL PROTECTED]


big bang solutions
 p +61 7 3311 2733  f +61 7 3311 2744



--
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
To Unsubscribe visit 
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a 
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.

RE: Protecting Content / content leeching... A CF method?

2000-09-28 Thread Nadir Ait-Laoussine

This message is in MIME format. Since your mail reader does not understand
this format, some or all of this message may not be legible.

--_=_NextPart_001_01C0297B.7F2629C8
Content-Type: text/plain;
charset="iso-8859-1"

Rob, thanks for the feedback.

For PDF files I am using the standard MIME types.

Here is my code.

You can go to 
http://www.edificium.com/imagetest/getstuff.cfm?bob=pdf to see the (awful
mess of a) result

On the second part of your message, if I do use the CF directory mappings,
aren't I suddenly unable to user the   tag - is there a work
around?

Thanks fo ryou help
Nadir

-Original Message-
From: Rob Keniger [mailto:[EMAIL PROTECTED]]
Sent: Thursday, September 28, 2000 12:48 AM
To: CF-Talk
Subject: Re: Protecting Content / content leeching... A CF method?

on 9/28/00 7:28 AM, Nadir Ait-Laoussine at [EMAIL PROTECTED] wrote:

> Now, I've been
> recommended to user CFCONTENT, the problem with CFCONTENT is that it just
> spews out the content, so a PDF file (even if I specify the mime type)
will
> come not come out as a PDF file, but some garbled text.

What MIME type are you using for PDFs? What you describe works perfectly for
me.

You could also try using CF directory mappings - these will prevent anyone
directly accessing the files if you point them outside the Web root
directory.

Rob Keniger   [EMAIL PROTECTED]

big bang solutions
<http://www.bigbang.net.au> p +61 7 3311 2733  f +61 7 3311 2744

--
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or
send a message to [EMAIL PROTECTED] with 'unsubscribe' in
the body.

--_=_NextPart_001_01C0297B.7F2629C8
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

RE: Protecting Content / content leeching... A CF =
method?

Rob, thanks for the feedback.

For PDF files I am using the standard MIME =
types.

Here is my code.

<cfcontent type=3D"application/pdf" =
file=3D"F:\projectdata\1\1\test.pdf" =
deletefile=3D"No">

You can go to 
http://www.edificium.com/imagetest/getstuff.cfm?bob=3Dpdf" =
TARGET=3D"_blank">http://www.edificium.com/imagetest/getstuff.cfm?bob=3D=
pdf to see the (awful mess of a) result

On the second part of your message, if I do use the =
CF directory mappings, aren't I suddenly unable to user the  =
<img src=3D"..."> tag - is there a work =
around?

Thanks fo ryou help
Nadir

-Original Message-
From: Rob Keniger [mailto:[EMAIL PROTECTED]">mailto:[EMAIL PROTECTED]]=

Sent: Thursday, September 28, 2000 12:48 AM
To: CF-Talk
Subject: Re: Protecting Content / content =
leeching... A CF method?

on 9/28/00 7:28 AM, Nadir Ait-Laoussine at =
[EMAIL PROTECTED] wrote:

> Now, I've been
> recommended to user CFCONTENT, the problem with =
CFCONTENT is that it just
> spews out the content, so a PDF file (even if I =
specify the mime type) will
> come not come out as a PDF file, but some =
garbled text.

What MIME type are you using for PDFs? What you =
describe works perfectly for
me.

You could also try using CF directory mappings - =
these will prevent anyone
directly accessing the files if you point them =
outside the Web root
directory.

Rob =
Keniger   =
;=
;=
;    =
[EMAIL PROTECTED]
___=
_

big bang solutions
<http://www.bigbang.net.au" =
TARGET=3D"_blank">http://www.bigbang.net.au>   &nb=
sp; p +61 7 3311 =
2733  f +61 7 3311 2744
___=
_

---=
---
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/" =
TARGET=3D"_blank">http://www.mail-archive.com/cf-talk@houseoffusion.com/=

To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=3Dlists&body=3Dli=
sts/cf_talk" =
TARGET=3D"_blank">http://www.houseoffusion.com/index.cfm?sidebar=3Dlists=
&body=3Dlists/cf_talk or send a message to =
[EMAIL PROTECTED] with 'unsubscribe' in the =
body.

--_=_NextPart_001_01C0297B.7F2629C8--
--
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
To Unsubscribe visit 
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a 
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.

RE: Protecting Content / content leeching... A CF method?

2000-09-28 Thread Hayes, David

FYI - It's working fine on my machine; acrobat reader loads and the pdf is
displayed properly.

-Original Message-
From: Nadir Ait-Laoussine [mailto:[EMAIL PROTECTED]]
Sent: Thursday, September 28, 2000 1:40 PM
To: CF-Talk
Subject: RE: Protecting Content / content leeching... A CF method?

This message is in MIME format. Since your mail reader does not understand
this format, some or all of this message may not be legible.

--_=_NextPart_001_01C0297B.7F2629C8
Content-Type: text/plain;
charset="iso-8859-1"

Rob, thanks for the feedback.

For PDF files I am using the standard MIME types.

Here is my code.

You can go to 
http://www.edificium.com/imagetest/getstuff.cfm?bob=pdf to see the (awful
mess of a) result

On the second part of your message, if I do use the CF directory mappings,
aren't I suddenly unable to user the   tag - is there a work
around?

Thanks fo ryou help
Nadir

-Original Message-
From: Rob Keniger [mailto:[EMAIL PROTECTED]]
Sent: Thursday, September 28, 2000 12:48 AM
To: CF-Talk
Subject: Re: Protecting Content / content leeching... A CF method?

on 9/28/00 7:28 AM, Nadir Ait-Laoussine at [EMAIL PROTECTED] wrote:

> Now, I've been
> recommended to user CFCONTENT, the problem with CFCONTENT is that it just
> spews out the content, so a PDF file (even if I specify the mime type)
will
> come not come out as a PDF file, but some garbled text.

What MIME type are you using for PDFs? What you describe works perfectly for
me.

You could also try using CF directory mappings - these will prevent anyone
directly accessing the files if you point them outside the Web root
directory.

Rob Keniger   [EMAIL PROTECTED]

big bang solutions
<http://www.bigbang.net.au> p +61 7 3311 2733  f +61 7 3311 2744

--
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or
send a message to [EMAIL PROTECTED] with 'unsubscribe' in
the body.

--_=_NextPart_001_01C0297B.7F2629C8
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

RE: Protecting Content / content leeching... A CF =
method?

Rob, thanks for the feedback.

For PDF files I am using the standard MIME =
types.

Here is my code.

<cfcontent type=3D"application/pdf" =
file=3D"F:\projectdata\1\1\test.pdf" =
deletefile=3D"No">

You can go to 
http://www.edificium.com/imagetest/getstuff.cfm?bob=3Dpdf" =
TARGET=3D"_blank">http://www.edificium.com/imagetest/getstuff.cfm?bob=3D=
pdf to see the (awful mess of a) result

On the second part of your message, if I do use the =
CF directory mappings, aren't I suddenly unable to user the  =
<img src=3D"..."> tag - is there a work =
around?

Thanks fo ryou help
Nadir

-Original Message-----
From: Rob Keniger [mailto:[EMAIL PROTECTED]">mailto:[EMAIL PROTECTED]]=

Sent: Thursday, September 28, 2000 12:48 AM
To: CF-Talk
Subject: Re: Protecting Content / content =
leeching... A CF method?

on 9/28/00 7:28 AM, Nadir Ait-Laoussine at =
[EMAIL PROTECTED] wrote:

> Now, I've been
> recommended to user CFCONTENT, the problem with =
CFCONTENT is that it just
> spews out the content, so a PDF file (even if I =
specify the mime type) will
> come not come out as a PDF file, but some =
garbled text.

What MIME type are you using for PDFs? What you =
describe works perfectly for
me.

You could also try using CF directory mappings - =
these will prevent anyone
directly accessing the files if you point them =
outside the Web root
directory.

Rob =
Keniger   =
;=
;=
;    =
[EMAIL PROTECTED]
___=
_

big bang solutions
<http://www.bigbang.net.au" =
TARGET=3D"_blank">http://www.bigbang.net.au>   &nb=
sp; p +61 7 3311 =
2733  f +61 7 3311 2744
___=
_

---=
---
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/" =
TARGET=3D"_blank">http://www.mail-archive.com/cf-talk@houseoffusion.com/=

To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=3Dlists&body=3Dli=
sts/cf_talk" =
TARGET=3D"_blank">http://www.houseoffusion.com/index.cfm?sidebar=3Dlists=
&body=3Dlists/cf_talk or send a message to =
[EMAIL PROTECTED] with '

RE: Protecting Content / content leeching... A CF method?

2000-09-28 Thread [EMAIL PROTECTED]


Hello Everyone,

Does anyone know what syntax works for SQL Query using CF 4.5.1 (Solaris)
and Foxpro v3.0 ODBC connection for a statement like this:


SELECT pohdr.po_number, pohdr.vend_name, pohdr.vendor_id, pohdr.po_amount,
pohdr.org_po_dt, pohdr.pay_term, pohdr.ship_to_nm, pohdr.ord_status,
podtl.itm_glmoco, podtl.ln_sta, podtl.ln_no, podtl.prom_dock
FROM  pohdr, podtl

#where#
order by pohdr.po_number


When I test on my server with NT installation of cf 4.5.1, it works fine but
not on the client solaris server.  Any suggestions are very much
appreciated.

Thanks,
Nehal


--
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or
send a message to [EMAIL PROTECTED] with 'unsubscribe' in
the body.

--
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
To Unsubscribe visit 
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a 
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.

RE: Protecting Content / content leeching... A CF method?

2000-09-28 Thread Steve Bernard

I would guess that the Solaris build doesn't have ODBC drivers for FoxPro.
That's a guess though since I don't run CF on Solaris.

Steve

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Thursday, September 28, 2000 5:30 PM
To: CF-Talk
Subject: RE: Protecting Content / content leeching... A CF method?

Hello Everyone,

Does anyone know what syntax works for SQL Query using CF 4.5.1 (Solaris)
and Foxpro v3.0 ODBC connection for a statement like this:

SELECT pohdr.po_number, pohdr.vend_name, pohdr.vendor_id, pohdr.po_amount,
pohdr.org_po_dt, pohdr.pay_term, pohdr.ship_to_nm, pohdr.ord_status,
podtl.itm_glmoco, podtl.ln_sta, podtl.ln_no, podtl.prom_dock
FROM  pohdr, podtl

#where#
order by pohdr.po_number

When I test on my server with NT installation of cf 4.5.1, it works fine but
not on the client solaris server.  Any suggestions are very much
appreciated.

Thanks,
Nehal

--
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
To Unsubscribe visit 
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a 
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.

Re: Protecting Content / content leeching... A CF method?

2000-09-28 Thread Rob Keniger

on 9/29/00 4:39 AM, Nadir Ait-Laoussine at [EMAIL PROTECTED] wrote:

> For PDF files I am using the standard MIME types.
> 
> Here is my code.
> 
>  deletefile="No">
> 
> You can go to 
> http://www.edificium.com/imagetest/getstuff.cfm?bob=pdf to see the (awful
> mess of a) result

Nadir, the code appears correct  - the page you mention is working fine on
my systems - I tried Win IE5.5, Win Netscape 4.75, Mac IE 5 and Mac Netscape
4.75 - all correctly displayed the PDF.

I think it's most likely that your browser's Application mappings are a bit
screwy - have you tried reinstalling Acrobat?

Rob Keniger

big bang solutions

--
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
To Unsubscribe visit 
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a 
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.

RE: Protecting Content / content leeching... A CF method?

2000-09-29 Thread Bosky, Dave


I'm having trouble displaying the pdf in netscape it doesn't give me the
navigational toolbar at the top of the document.
Any ideas what would cause netscape to act this way?
Thanks,
Dave
  

> -Original Message-
> From: Hayes, David [SMTP:[EMAIL PROTECTED]]
> Sent: Thursday, September 28, 2000 4:54 PM
> To:   CF-Talk
> Subject:      RE: Protecting Content / content leeching... A CF method?
> 
> FYI - It's working fine on my machine; acrobat reader loads and the pdf is
> displayed properly.
> 
> -Original Message-
> From: Nadir Ait-Laoussine [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, September 28, 2000 1:40 PM
> To: CF-Talk
> Subject: RE: Protecting Content / content leeching... A CF method?
> 
> 
> This message is in MIME format. Since your mail reader does not understand
> this format, some or all of this message may not be legible.
> 
> --_=_NextPart_001_01C0297B.7F2629C8
> Content-Type: text/plain;
>   charset="iso-8859-1"
> 
> Rob, thanks for the feedback.
> 
> For PDF files I am using the standard MIME types.
> 
> Here is my code.
> 
>  deletefile="No">
> 
> You can go to 
> http://www.edificium.com/imagetest/getstuff.cfm?bob=pdf to see the (awful
> mess of a) result
> 
> 
> On the second part of your message, if I do use the CF directory mappings,
> aren't I suddenly unable to user the   tag - is there a
> work
> around?
> 
> Thanks fo ryou help
> Nadir
> 
> -Original Message-----
> From: Rob Keniger [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, September 28, 2000 12:48 AM
> To: CF-Talk
> Subject: Re: Protecting Content / content leeching... A CF method?
> 
> 
> on 9/28/00 7:28 AM, Nadir Ait-Laoussine at [EMAIL PROTECTED] wrote:
> 
> > Now, I've been
> > recommended to user CFCONTENT, the problem with CFCONTENT is that it
> just
> > spews out the content, so a PDF file (even if I specify the mime type)
> will
> > come not come out as a PDF file, but some garbled text.
> 
> What MIME type are you using for PDFs? What you describe works perfectly
> for
> me.
> 
> You could also try using CF directory mappings - these will prevent anyone
> directly accessing the files if you point them outside the Web root
> directory.
> 
> Rob Keniger
> [EMAIL PROTECTED]
> __
> __
> 
> big bang solutions
> <http://www.bigbang.net.au> p +61 7 3311 2733  f +61 7 3311
> 2744
> __
> __
> 
> 
> --
> --
> --
> Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
> To Unsubscribe visit
> http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or
> send a message to [EMAIL PROTECTED] with 'unsubscribe' in
> the body.
> 
> --_=_NextPart_001_01C0297B.7F2629C8
> Content-Type: text/html;
>   charset="iso-8859-1"
> Content-Transfer-Encoding: quoted-printable
> 
> 
> 
> 
>  charset=3Diso-8859-1">
>  5.5.2650.12">
> RE: Protecting Content / content leeching... A CF =
> method?
> 
> 
> 
> Rob, thanks for the feedback.
> 
> 
> For PDF files I am using the standard MIME =
> types.
> 
> 
> Here is my code.
> 
> 
> <cfcontent type=3D"application/pdf" =
> file=3D"F:\projectdata\1\1\test.pdf" =
> deletefile=3D"No">
> 
> 
> You can go to 
>  HREF=3D"http://www.edificium.com/imagetest/getstuff.cfm?bob=3Dpdf" =
> TARGET=3D"_blank">http://www.edificium.com/imagetest/getstuff.cfm?bob=3D=
> pdf to see the (awful mess of a) result
> 
> 
> 
> On the second part of your message, if I do use the =
> CF directory mappings, aren't I suddenly unable to user the  =
> <img src=3D"..."> tag - is there a work =
> around?
> 
> Thanks fo ryou help
> Nadir
> 
> 
> -Original Message-
> From: Rob Keniger [ HREF=3D"mailto:[EMAIL PROTECTED]">mailto:[EMAIL PROTECTED]]=
> 
> Sent: Thursday, September 28, 2000 12:48 AM
> To: CF-Talk
> Subject: Re: Protecting Content / content =
> leeching... A CF method?
> 
> 
> 
> on 9/28/00 7:28 AM, Nadir Ait-Laoussine at =
> [EMAIL PROTECTED] wrote:
> 
> 
> > Now, I've been
> > recommended to user CFCONTENT, the problem with =
> CFCONTENT is that it just
> > spews out the content, so a PDF file (even if I =
> specify the mime type) will
> > come not come out as a

RE: Protecting Content / content leeching... A CF method?

2000-09-29 Thread Gavin Myers


I'm kinda confused (hah!) but isn't it technically impossible to protect any
content that the person can see?

In order to see an image/pdf/text file it has to be downloaded - therefore
it is accessable. There is no possible way to protect an image from being
taken (SnagIT).

or am i off subject?

-Original Message-
From: Bosky, Dave [mailto:[EMAIL PROTECTED]]
Sent: Friday, September 29, 2000 7:02 AM
To: CF-Talk
Subject: RE: Protecting Content / content leeching... A CF method?


I'm having trouble displaying the pdf in netscape it doesn't give me the
navigational toolbar at the top of the document.
Any ideas what would cause netscape to act this way?
Thanks,
Dave
  

> -Original Message-
> From: Hayes, David [SMTP:[EMAIL PROTECTED]]
> Sent: Thursday, September 28, 2000 4:54 PM
> To:   CF-Talk
> Subject:      RE: Protecting Content / content leeching... A CF method?
> 
> FYI - It's working fine on my machine; acrobat reader loads and the pdf is
> displayed properly.
> 
> -Original Message-
> From: Nadir Ait-Laoussine [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, September 28, 2000 1:40 PM
> To: CF-Talk
> Subject: RE: Protecting Content / content leeching... A CF method?
> 
> 
> This message is in MIME format. Since your mail reader does not understand
> this format, some or all of this message may not be legible.
> 
> --_=_NextPart_001_01C0297B.7F2629C8
> Content-Type: text/plain;
>   charset="iso-8859-1"
> 
> Rob, thanks for the feedback.
> 
> For PDF files I am using the standard MIME types.
> 
> Here is my code.
> 
>  deletefile="No">
> 
> You can go to 
> http://www.edificium.com/imagetest/getstuff.cfm?bob=pdf to see the (awful
> mess of a) result
> 
> 
> On the second part of your message, if I do use the CF directory mappings,
> aren't I suddenly unable to user the   tag - is there a
> work
> around?
> 
> Thanks fo ryou help
> Nadir
> 
> -----Original Message-
> From: Rob Keniger [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, September 28, 2000 12:48 AM
> To: CF-Talk
> Subject: Re: Protecting Content / content leeching... A CF method?
> 
> 
> on 9/28/00 7:28 AM, Nadir Ait-Laoussine at [EMAIL PROTECTED] wrote:
> 
> > Now, I've been
> > recommended to user CFCONTENT, the problem with CFCONTENT is that it
> just
> > spews out the content, so a PDF file (even if I specify the mime type)
> will
> > come not come out as a PDF file, but some garbled text.
> 
> What MIME type are you using for PDFs? What you describe works perfectly
> for
> me.
> 
> You could also try using CF directory mappings - these will prevent anyone
> directly accessing the files if you point them outside the Web root
> directory.
> 
> Rob Keniger
> [EMAIL PROTECTED]
> __
> __
> 
> big bang solutions
> <http://www.bigbang.net.au> p +61 7 3311 2733  f +61 7 3311
> 2744
> __
> __
> 
> 
> --
> --
> --
> Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
> To Unsubscribe visit
> http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or
> send a message to [EMAIL PROTECTED] with 'unsubscribe' in
> the body.
> 
> --_=_NextPart_001_01C0297B.7F2629C8
> Content-Type: text/html;
>   charset="iso-8859-1"
> Content-Transfer-Encoding: quoted-printable
> 
> 
> 
> 
>  charset=3Diso-8859-1">
>  5.5.2650.12">
> RE: Protecting Content / content leeching... A CF =
> method?
> 
> 
> 
> Rob, thanks for the feedback.
> 
> 
> For PDF files I am using the standard MIME =
> types.
> 
> 
> Here is my code.
> 
> 
> <cfcontent type=3D"application/pdf" =
> file=3D"F:\projectdata\1\1\test.pdf" =
> deletefile=3D"No">
> 
> 
> You can go to 
>  HREF=3D"http://www.edificium.com/imagetest/getstuff.cfm?bob=3Dpdf" =
> TARGET=3D"_blank">http://www.edificium.com/imagetest/getstuff.cfm?bob=3D=
> pdf to see the (awful mess of a) result
> 
> 
> 
> On the second part of your message, if I do use the =
> CF directory mappings, aren't I suddenly unable to user the  =
> <img src=3D"..."> tag - is there a work =
> around?
> 
> Thanks fo ryou help
> Nadir
> 
> 
> -Original Message-
> From: Rob Keniger [ HREF=3D"mailto:[EMAIL PROTECTED]">mailto:[EMAIL PROTECTED]]=
>

RE: Protecting Content / content leeching... A CF method?

2000-09-29 Thread Robert Everland III


Well what I would do is make a coldfusion template up that called it from a
location that was inaccessible from a webserver. That way you could have a
log in and password and even have a database that tells it how many times
someone can view it. Or have a date as to when it expires so they can be no
leeching.


bob Everland

-Original Message-
From: Gavin Myers [mailto:[EMAIL PROTECTED]]
Sent: Friday, September 29, 2000 9:37 AM
To: CF-Talk
Subject: RE: Protecting Content / content leeching... A CF method?


I'm kinda confused (hah!) but isn't it technically impossible to protect any
content that the person can see?

In order to see an image/pdf/text file it has to be downloaded - therefore
it is accessable. There is no possible way to protect an image from being
taken (SnagIT).

or am i off subject?

-Original Message-
From: Bosky, Dave [mailto:[EMAIL PROTECTED]]
Sent: Friday, September 29, 2000 7:02 AM
To: CF-Talk
Subject: RE: Protecting Content / content leeching... A CF method?


I'm having trouble displaying the pdf in netscape it doesn't give me the
navigational toolbar at the top of the document.
Any ideas what would cause netscape to act this way?
Thanks,
Dave


> -Original Message-
> From: Hayes, David [SMTP:[EMAIL PROTECTED]]
> Sent: Thursday, September 28, 2000 4:54 PM
> To:   CF-Talk
> Subject:      RE: Protecting Content / content leeching... A CF method?
>
> FYI - It's working fine on my machine; acrobat reader loads and the pdf is
> displayed properly.
>
> -Original Message-
> From: Nadir Ait-Laoussine [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, September 28, 2000 1:40 PM
> To: CF-Talk
> Subject: RE: Protecting Content / content leeching... A CF method?
>
>
> This message is in MIME format. Since your mail reader does not understand
> this format, some or all of this message may not be legible.
>
> --_=_NextPart_001_01C0297B.7F2629C8
> Content-Type: text/plain;
>   charset="iso-8859-1"
>
> Rob, thanks for the feedback.
>
> For PDF files I am using the standard MIME types.
>
> Here is my code.
>
>  deletefile="No">
>
> You can go to
> http://www.edificium.com/imagetest/getstuff.cfm?bob=pdf to see the (awful
> mess of a) result
>
>
> On the second part of your message, if I do use the CF directory mappings,
> aren't I suddenly unable to user the   tag - is there a
> work
> around?
>
> Thanks fo ryou help
> Nadir
>
> -----Original Message-
> From: Rob Keniger [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, September 28, 2000 12:48 AM
> To: CF-Talk
> Subject: Re: Protecting Content / content leeching... A CF method?
>
>
> on 9/28/00 7:28 AM, Nadir Ait-Laoussine at [EMAIL PROTECTED] wrote:
>
> > Now, I've been
> > recommended to user CFCONTENT, the problem with CFCONTENT is that it
> just
> > spews out the content, so a PDF file (even if I specify the mime type)
> will
> > come not come out as a PDF file, but some garbled text.
>
> What MIME type are you using for PDFs? What you describe works perfectly
> for
> me.
>
> You could also try using CF directory mappings - these will prevent anyone
> directly accessing the files if you point them outside the Web root
> directory.
>
> Rob Keniger
> [EMAIL PROTECTED]
> __
> __
>
> big bang solutions
> <http://www.bigbang.net.au> p +61 7 3311 2733  f +61 7 3311
> 2744
> __
> __
>
>
> --
> --
> --
> Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
> To Unsubscribe visit
> http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or
> send a message to [EMAIL PROTECTED] with 'unsubscribe' in
> the body.
>
> --_=_NextPart_001_01C0297B.7F2629C8
> Content-Type: text/html;
>   charset="iso-8859-1"
> Content-Transfer-Encoding: quoted-printable
>
> 
> 
> 
>  charset=3Diso-8859-1">
>  5.5.2650.12">
> RE: Protecting Content / content leeching... A CF =
> method?
> 
> 
>
> Rob, thanks for the feedback.
> 
>
> For PDF files I am using the standard MIME =
> types.
> 
>
> Here is my code.
> 
>
> <cfcontent type=3D"application/pdf" =
> file=3D"F:\projectdata\1\1\test.pdf" =
> deletefile=3D"No">
> 
>
> You can go to 
>  HREF=3D"http://www.edificium.com/imagetest/getstuff.cfm?bob=3Dpdf" =
> TARGET=3D"_blank">http://www.edificium.c

RE: Protecting Content / content leeching... A CF method?

2000-09-29 Thread Nadir Ait-Laoussine

This message is in MIME format. Since your mail reader does not understand
this format, some or all of this message may not be legible.

--_=_NextPart_001_01C02A2A.BB0551EA
Content-Type: text/plain;
charset="iso-8859-1"

Gavin, you are not confused, just off base. :)

The issue is not to make a document not available to someone who can see it
but to someone who cannot see it...

Case in point...  the  tag will let you know that a file is
located at /a/b/file.jpg
so you could go to the location bar and look for that image.  You could get
tricky and try to view other files located at that location...
/a/b/anotherfile.jpg.  For us, that is a problem.  The img tag reveals a
little too much information.

So the concern is not so much the document itself, but rather the ability to
figure out where it is located.  It's been recommended to me to use CF
mappings to substitue for that, problem is that CF mappings, as far as I
know, do not work with the IMG tag, let alone the EMBED tag.

So I am left with the CFCONTENT tag, problem with the content tag is that it
takes over the entire screen.  I've tried to embed it in a layer or IFRAME,
but it still takes over the whole window.

There are a few PERL scripts out there that "mask" the path to the file.  So
by typing www.mydomain.com/getstuff.cgi?image.jpg, the script would display
the image but masking it's location (which in reality is not a web location,
but a physical location on the web server [c:\...]) This works well except
that all the scripts that I have tried choke (by that I mean render only
part of) the file.  regardless of the MIME type.  I think the problem is
that those scripts were written on UNIX, and we are on WIN2K.

So that is where we are.

Note that the last option (the PERL option) is still not exactly what we are
looking for because of
1. security problems with CGI scripts in general
2. it does not work with the IMG tag.

Nadir

-Original Message-
From: Gavin Myers [mailto:[EMAIL PROTECTED]]
Sent: Friday, September 29, 2000 9:37 AM
To: CF-Talk
Subject: RE: Protecting Content / content leeching... A CF method?

I'm kinda confused (hah!) but isn't it technically impossible to protect any
content that the person can see?

In order to see an image/pdf/text file it has to be downloaded - therefore
it is accessable. There is no possible way to protect an image from being
taken (SnagIT).

or am i off subject?

-Original Message-
From: Bosky, Dave [mailto:[EMAIL PROTECTED]]
Sent: Friday, September 29, 2000 7:02 AM
To: CF-Talk
Subject: RE: Protecting Content / content leeching... A CF method?

I'm having trouble displaying the pdf in netscape it doesn't give me the
navigational toolbar at the top of the document.
Any ideas what would cause netscape to act this way?
Thanks,
Dave

> -Original Message-
> From: Hayes, David [SMTP:[EMAIL PROTECTED]]
> Sent: Thursday, September 28, 2000 4:54 PM
> To:   CF-Talk
> Subject:  RE: Protecting Content / content leeching... A CF method?
> 
> FYI - It's working fine on my machine; acrobat reader loads and the pdf is
> displayed properly.
> 
> -Original Message-
> From: Nadir Ait-Laoussine [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, September 28, 2000 1:40 PM
> To: CF-Talk
> Subject: RE: Protecting Content / content leeching... A CF method?
> 
> 
> This message is in MIME format. Since your mail reader does not understand
> this format, some or all of this message may not be legible.
> 
> --_=_NextPart_001_01C0297B.7F2629C8
> Content-Type: text/plain;
>   charset="iso-8859-1"
> 
> Rob, thanks for the feedback.
> 
> For PDF files I am using the standard MIME types.
> 
> Here is my code.
> 
>  deletefile="No">
> 
> You can go to 
> http://www.edificium.com/imagetest/getstuff.cfm?bob=pdf to see the (awful
> mess of a) result
> 
> 
> On the second part of your message, if I do use the CF directory mappings,
> aren't I suddenly unable to user the   tag - is there a
> work
> around?
> 
> Thanks fo ryou help
> Nadir
> 
> -Original Message-
> From: Rob Keniger [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, September 28, 2000 12:48 AM
> To: CF-Talk
> Subject: Re: Protecting Content / content leeching... A CF method?
> 
> 
> on 9/28/00 7:28 AM, Nadir Ait-Laoussine at [EMAIL PROTECTED] wrote:
> 
> > Now, I've been
> > recommended to user CFCONTENT, the problem with CFCONTENT is that it
> just
> > spews out the content, so a PDF file (even if I specify the mime type)
> will
> > come not come out as a PDF file, but some garbled text.
> 
> What MIME type are you using for PDFs? What you describe works perfectly
> for
> me.
> 
> You could also try using CF directory ma

RE: Protecting Content / content leeching... A CF method?

2000-09-29 Thread Stewart McGowan


"problem is that CF mappings, as far as I know, do not work with the IMG
tag, let alone the EMBED tag"


setup global variable with a mapping then use in the img tag, that works
fine







and now i really am off :)

Stew



--
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
To Unsubscribe visit 
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a 
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.

RE: Protecting Content / content leeching... A CF method?

2000-09-29 Thread Gavin Myers


i get it now...

okay to show an image but to mask the source it is coming from...
well, this isn't totally secure but what about renaming each file to
something like

logo_aoighoaihgoaoo31905u3051.jpg
welcome_apgaahha939393593595931.jpg
hello_09q3570931209275029602.jpg
contactus_3-699696969696.jpg

even though they know where the files are coming from, if they dont have
names like "Logo.jpg" they wouldn't be able to just guess the other files in
there. the logo_ part of it helps the programmer to know what file it is..
but the wopitywoihwohgow.jpg part makes it almost impossible for someone to
just guess it


-Original Message-
From: Nadir Ait-Laoussine [mailto:[EMAIL PROTECTED]]
Sent: Friday, September 29, 2000 10:34 AM
To: CF-Talk
Cc: Kristina Patterson; Michael Kilkelly
Subject: RE: Protecting Content / content leeching... A CF method?


This message is in MIME format. Since your mail reader does not understand
this format, some or all of this message may not be legible.

--_=_NextPart_001_01C02A2A.BB0551EA
Content-Type: text/plain;
charset="iso-8859-1"

Gavin, you are not confused, just off base. :)

The issue is not to make a document not available to someone who can see it
but to someone who cannot see it...

Case in point...  the  tag will let you know that a file is
located at /a/b/file.jpg
so you could go to the location bar and look for that image.  You could get
tricky and try to view other files located at that location...
/a/b/anotherfile.jpg.  For us, that is a problem.  The img tag reveals a
little too much information.

So the concern is not so much the document itself, but rather the ability to
figure out where it is located.  It's been recommended to me to use CF
mappings to substitue for that, problem is that CF mappings, as far as I
know, do not work with the IMG tag, let alone the EMBED tag.

So I am left with the CFCONTENT tag, problem with the content tag is that it
takes over the entire screen.  I've tried to embed it in a layer or IFRAME,
but it still takes over the whole window.

There are a few PERL scripts out there that "mask" the path to the file.  So
by typing www.mydomain.com/getstuff.cgi?image.jpg, the script would display
the image but masking it's location (which in reality is not a web location,
but a physical location on the web server [c:\...]) This works well except
that all the scripts that I have tried choke (by that I mean render only
part of) the file.  regardless of the MIME type.  I think the problem is
that those scripts were written on UNIX, and we are on WIN2K.

So that is where we are.

Note that the last option (the PERL option) is still not exactly what we are
looking for because of
1. security problems with CGI scripts in general
2. it does not work with the IMG tag.

Nadir


-Original Message-
From: Gavin Myers [mailto:[EMAIL PROTECTED]]
Sent: Friday, September 29, 2000 9:37 AM
To: CF-Talk
Subject: RE: Protecting Content / content leeching... A CF method?


I'm kinda confused (hah!) but isn't it technically impossible to protect any
content that the person can see?

In order to see an image/pdf/text file it has to be downloaded - therefore
it is accessable. There is no possible way to protect an image from being
taken (SnagIT).

or am i off subject?

-Original Message-
From: Bosky, Dave [mailto:[EMAIL PROTECTED]]
Sent: Friday, September 29, 2000 7:02 AM
To: CF-Talk
Subject: RE: Protecting Content / content leeching... A CF method?


I'm having trouble displaying the pdf in netscape it doesn't give me the
navigational toolbar at the top of the document.
Any ideas what would cause netscape to act this way?
Thanks,
Dave
  

> -Original Message-
> From: Hayes, David [SMTP:[EMAIL PROTECTED]]
> Sent: Thursday, September 28, 2000 4:54 PM
> To:   CF-Talk
> Subject:  RE: Protecting Content / content leeching... A CF method?
> 
> FYI - It's working fine on my machine; acrobat reader loads and the pdf is
> displayed properly.
> 
> -Original Message-
> From: Nadir Ait-Laoussine [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, September 28, 2000 1:40 PM
> To: CF-Talk
> Subject: RE: Protecting Content / content leeching... A CF method?
> 
> 
> This message is in MIME format. Since your mail reader does not understand
> this format, some or all of this message may not be legible.
> 
> --_=_NextPart_001_01C0297B.7F2629C8
> Content-Type: text/plain;
>   charset="iso-8859-1"
> 
> Rob, thanks for the feedback.
> 
> For PDF files I am using the standard MIME types.
> 
> Here is my code.
> 
>  deletefile="No">
> 
> You can go to 
> http://www.edificium.com/imagetest/getstuff.cfm?bob=pdf to see the (awful
> mess of a) result
> 
> 
> On the second part of your message, if I do use the CF directory

RE: Protecting Content / content leeching... A CF method?

2000-09-29 Thread Nadir Ait-Laoussine


This message is in MIME format. Since your mail reader does not understand
this format, some or all of this message may not be legible.

--_=_NextPart_001_01C02A30.6C80DB13
Content-Type: text/plain;
charset="iso-8859-1"

Thank you Stewart

-Original Message-
From: Stewart McGowan [mailto:[EMAIL PROTECTED]]
Sent: Friday, September 29, 2000 11:39 AM
To: CF-Talk
Subject: RE: Protecting Content / content leeching... A CF method?


"problem is that CF mappings, as far as I know, do not work with the IMG
tag, let alone the EMBED tag"


setup global variable with a mapping then use in the img tag, that works
fine







and now i really am off :)

Stew




--
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or
send a message to [EMAIL PROTECTED] with 'unsubscribe' in
the body.

--_=_NextPart_001_01C02A30.6C80DB13
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable






RE: Protecting Content / content leeching... A CF =
method?



Thank you Stewart


-Original Message-
From: Stewart McGowan [mailto:[EMAIL PROTECTED]">mailto:Stewart.McGowan@w=
eir-tech.co.uk]
Sent: Friday, September 29, 2000 11:39 AM
To: CF-Talk
Subject: RE: Protecting Content / content =
leeching... A CF method?



"problem is that CF mappings, as far as I know, =
do not work with the IMG
tag, let alone the EMBED tag"



setup global variable with a mapping then use in the =
img tag, that works
fine


<CFSET =
application.root_path=3D"datanet">
<CFSET =
application.image_path=3D"#application.root_path#/Images/">=



<IMG name=3D"menu"
src=3D"<CFOUTPUT>#application.image_path#/</CFOUT=
PUT>menu.gif" width=3D"600"
height=3D"65" border=3D"0" =
usemap=3D"#m_menu">



and now i really am off :)


Stew




---=
---
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/" =
TARGET=3D"_blank">http://www.mail-archive.com/cf-talk@houseoffusion.com/=

To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=3Dlists&body=3Dli=
sts/cf_talk" =
TARGET=3D"_blank">http://www.houseoffusion.com/index.cfm?sidebar=3Dlists=
&body=3Dlists/cf_talk or send a message to =
[EMAIL PROTECTED] with 'unsubscribe' in the =
body.



--_=_NextPart_001_01C02A30.6C80DB13--
--
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
To Unsubscribe visit 
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a 
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.

Re: Protecting Content / content leeching... A CF method?

2000-09-29 Thread James Smith


The method I have used in the past goes something like this...

index.cfm
--

--

picture.cfm
--

--

You can then use any path you like in the file attribute of the cfcontent
tag to push a picture from a non-web-accessible directory.  It can be
dynamic as well if you choose, for example



all the user will see as the image name is "picture.cfm?picture=1".

I am sure if you wanted you could use



and really confuse the viewer :-)

Hope this gives you a start in the correct direction.

- Original Message -
From: "Stewart McGowan" <[EMAIL PROTECTED]>
To: "CF-Talk" <[EMAIL PROTECTED]>
Sent: Friday, September 29, 2000 4:39 PM
Subject: RE: Protecting Content / content leeching... A CF method?


> "problem is that CF mappings, as far as I know, do not work with the IMG
> tag, let alone the EMBED tag"
>
>
> setup global variable with a mapping then use in the img tag, that works
> fine
>
> 
> 
>
>  src="#application.image_path#/menu.gif" width="600"
> height="65" border="0" usemap="#m_menu">
>
>
> and now i really am off :)
>
> Stew
>
>
>
> --

> Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
> To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or
send a message to [EMAIL PROTECTED] with 'unsubscribe' in
the body.

--
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
To Unsubscribe visit 
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a 
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.

Re: Protecting Content / content leeching... A CF method?

2000-10-01 Thread James Smith


To expand on this a little further, you could use the following code...

index.cfm




picture.cfm






key.txt

anythingyoulikeasanencryptionkey

As you can see in this example the encryption key is stored in a file called
key.txt but could just as easily come from a database, either way you can
change it with ease.  You could even set up a scheduled task to randomise
the key on an hourly basis if you wanted (depending on just how secure you
want it).

The file name is also URLEncoded to avoid html characters from messing up
the string.

If you are running NT4 you probably have the image I used as an example on
your system, and it is not in the web servers path anywhere, yet will
display correctly.  You will also be able to see (by viewing source) that
the chance of anyone guessing a correct sequence is remote at best. Using
"anythingyoulikeasanencryptionkey" as the key the img tag becomes...



and if that isn't secure enough for you, then nothing is!

The supplied code will work fine for .gif, .jpg and .jpeg images, but you
will have to modify it slightly if you use png or other formats.

Have fun.

--
James Smith
[EMAIL PROTECTED]


--
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
To Unsubscribe visit 
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a 
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.

Re: Protecting Content / content leeching... A CF method?

2000-10-01 Thread Jake Hileman


Does doing this part of what you said:
"> 
src="picture.cfm?picture=#URLEncodedFormat(encrypt('C:\WINNT\Help\iis\htm\tu
> torial\rock.jpg', mykey))#">"

slow down things considerably?  Using the encrypt and then using the decrypt
later.

Thanks,

Jake

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
DivineWEB - Web Hosting
Cold Fusion / ASP / mySQL
Http://www.divineweb.com
Design: http://www.18go.com

- Original Message -
From: "James Smith" <[EMAIL PROTECTED]>
To: "CF-Talk" <[EMAIL PROTECTED]>
Sent: Sunday, October 01, 2000 9:23 AM
Subject: Re: Protecting Content / content leeching... A CF method?


> To expand on this a little further, you could use the following code...
>
> index.cfm
> 
>  file="c:\key.txt"
> variable="mykey">
> 
src="picture.cfm?picture=#URLEncodedFormat(encrypt('C:\WINNT\Help\iis\htm\tu
> torial\rock.jpg', mykey))#">
>
> picture.cfm
> 
>  file="c:\key.txt"
> variable="mykey">
> 
>  de('image/jpeg'))>
> 
>
> key.txt
> 
> anythingyoulikeasanencryptionkey
>
> As you can see in this example the encryption key is stored in a file
called
> key.txt but could just as easily come from a database, either way you can
> change it with ease.  You could even set up a scheduled task to randomise
> the key on an hourly basis if you wanted (depending on just how secure you
> want it).
>
> The file name is also URLEncoded to avoid html characters from messing up
> the string.
>
> If you are running NT4 you probably have the image I used as an example on
> your system, and it is not in the web servers path anywhere, yet will
> display correctly.  You will also be able to see (by viewing source) that
> the chance of anyone guessing a correct sequence is remote at best. Using
> "anythingyoulikeasanencryptionkey" as the key the img tag becomes...
>
> 
src="picture.cfm?picture=G6%205OOB%29RHZN%5B5%3FOPH%5E%5C%26E%5BF%2AITD1P%2D
> N2BZ%29%257A%2A%23N%28WP%3D8%3EW6%3AF%3B%0A">
>
> and if that isn't secure enough for you, then nothing is!
>
> The supplied code will work fine for .gif, .jpg and .jpeg images, but you
> will have to modify it slightly if you use png or other formats.
>
> Have fun.
>
> --
> James Smith
> [EMAIL PROTECTED]
>
>
> --

> Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
> To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or
send a message to [EMAIL PROTECTED] with 'unsubscribe' in
the body.
>

--
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
To Unsubscribe visit 
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a 
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.

Re: Protecting Content / content leeching... A CF method?

2000-10-02 Thread James Smith


I would imagine there is some slowdown as the server is doing more work than
it would otherwise do.  However I just created a test page with 5 unique
images on it all called in this way, and it was processed in 0ms, so the
processor hit can't be huge.

--
James Smith
[EMAIL PROTECTED]

- Original Message -
From: "Jake Hileman" <[EMAIL PROTECTED]>
To: "CF-Talk" <[EMAIL PROTECTED]>
Sent: Sunday, October 01, 2000 4:35 PM
Subject: Re: Protecting Content / content leeching... A CF method?


> Does doing this part of what you said:
> ">  >
>
src="picture.cfm?picture=#URLEncodedFormat(encrypt('C:\WINNT\Help\iis\htm\tu
> > torial\rock.jpg', mykey))#">"
>
> slow down things considerably?  Using the encrypt and then using the
decrypt
> later.
>
> Thanks,
>
> Jake
>
> =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
> DivineWEB - Web Hosting
> Cold Fusion / ASP / mySQL
> Http://www.divineweb.com
> Design: http://www.18go.com
>
> - Original Message -----
> From: "James Smith" <[EMAIL PROTECTED]>
> To: "CF-Talk" <[EMAIL PROTECTED]>
> Sent: Sunday, October 01, 2000 9:23 AM
> Subject: Re: Protecting Content / content leeching... A CF method?
>
>
> > To expand on this a little further, you could use the following code...
> >
> > index.cfm
> > 
> >  > file="c:\key.txt"
> > variable="mykey">
> >  >
>
src="picture.cfm?picture=#URLEncodedFormat(encrypt('C:\WINNT\Help\iis\htm\tu
> > torial\rock.jpg', mykey))#">
> >
> > picture.cfm
> > 
> >  > file="c:\key.txt"
> > variable="mykey">
> > 
> >  > de('image/jpeg'))>
> > 
> >
> > key.txt
> > 
> > anythingyoulikeasanencryptionkey
> >
> > As you can see in this example the encryption key is stored in a file
> called
> > key.txt but could just as easily come from a database, either way you
can
> > change it with ease.  You could even set up a scheduled task to
randomise
> > the key on an hourly basis if you wanted (depending on just how secure
you
> > want it).
> >
> > The file name is also URLEncoded to avoid html characters from messing
up
> > the string.
> >
> > If you are running NT4 you probably have the image I used as an example
on
> > your system, and it is not in the web servers path anywhere, yet will
> > display correctly.  You will also be able to see (by viewing source)
that
> > the chance of anyone guessing a correct sequence is remote at best.
Using
> > "anythingyoulikeasanencryptionkey" as the key the img tag becomes...
> >
> >  >
>
src="picture.cfm?picture=G6%205OOB%29RHZN%5B5%3FOPH%5E%5C%26E%5BF%2AITD1P%2D
> > N2BZ%29%257A%2A%23N%28WP%3D8%3EW6%3AF%3B%0A">
> >
> > and if that isn't secure enough for you, then nothing is!
> >
> > The supplied code will work fine for .gif, .jpg and .jpeg images, but
you
> > will have to modify it slightly if you use png or other formats.
> >
> > Have fun.
> >
> > --
> > James Smith
> > [EMAIL PROTECTED]
> >
> >
>
> --
> 
> > Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
> > To Unsubscribe visit
> http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or
> send a message to [EMAIL PROTECTED] with 'unsubscribe' in
> the body.
> >
>
> --

> Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
> To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or
send a message to [EMAIL PROTECTED] with 'unsubscribe' in
the body.

--
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
To Unsubscribe visit 
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a 
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.

RE: Protecting Content / content leeching... A CF method?

2000-10-02 Thread lsellers



As anyone who's ever worked with HTTP at the protocol level (or with CFHTTP)
can tell you, the way it works is you fetch the html (or cfm) document in
question, then parse through it looking for all the img url, then fetch them
BASED ON THIER URL.

Thus it's impossible to protect them. You can use cfcontent with a cfm to
obsure their actual physical location. But whether the image is at
"images\bob.gif" or "images.cfm?image=bob.gif" they still retrieve the
content for display (or to save).

You could do additional cgi user agent and refer(r)er checking to stop
casual direct grabs from the browser command line, but it won't stop
anything else.

Since it's a relative url based the wwwroot of the domain I'm not sure why
it would matter anyway unless the images are to be password protected..

--min

> The issue is not to make a document not available to someone who
> can see it
> but to someone who cannot see it...
>
> Case in point...  the  tag will let you know that a file is
> located at /a/b/file.jpg
> so you could go to the location bar and look for that image.  You
> could get
> tricky and try to view other files located at that location...
> /a/b/anotherfile.jpg.  For us, that is a problem.  The img tag reveals a
> little too much information.
>
> So the concern is not so much the document itself, but rather the
> ability to
> figure out where it is located.  It's been recommended to me to use CF
> mappings to substitue for that, problem is that CF mappings, as far as I
> know, do not work with the IMG tag, let alone the EMBED tag.
>
> So I am left with the CFCONTENT tag, problem with the content tag
> is that it
> takes over the entire screen.  I've tried to embed it in a layer
> or IFRAME,
> but it still takes over the whole window.
>
> There are a few PERL scripts out there that "mask" the path to
> the file.  So
> by typing www.mydomain.com/getstuff.cgi?image.jpg, the script
> would display
> the image but masking it's location (which in reality is not a
> web location,
> but a physical location on the web server [c:\...]) This works well except
> that all the scripts that I have tried choke (by that I mean render only
> part of) the file.  regardless of the MIME type.  I think the problem is
> that those scripts were written on UNIX, and we are on WIN2K.
>
> So that is where we are.
>
> Note that the last option (the PERL option) is still not exactly
> what we are
> looking for because of
> 1. security problems with CGI scripts in general
> 2. it does not work with the IMG tag.
>
> Nadir

--
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
To Unsubscribe visit 
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a 
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.

RE: Protecting Content / content leeching... A CF method?

2000-10-02 Thread Larry W. Virden


Re: knowing the path to a image tells the user too much...

Then don't give them a path to your images.  Instead, give them a 
path to some sort of cgi, with arguments which, which processed 
along with a page name or some other argument, lead one to only 
one image.  That way, guessing other image names fails.  Think of 
it as a 2 argument hash - the first argument is the page name and 
the second is some kind of unique image identifier not trivially 
guessed.  

Basically, it works the same way things would look if you were 
storing your images in a database and then using ColdFusion to do 
a SQL search for the page text and the images associated with the 
pages, then sending all of these to the user without storing them 
in a directory on your site...

-- 
Larry W. Virden mailto:[EMAIL PROTECTED]> 
http://www.purl.org/net/lvirden/>
Even if explicitly stated to the contrary, nothing in this 
posting
should be construed as representing my employer's opinions.


--
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
To Unsubscribe visit 
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a 
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.

Re: Protecting Content / content leeching... A CF method?

RE: Protecting Content / content leeching... A CF method?

RE: Protecting Content / content leeching... A CF method?

RE: Protecting Content / content leeching... A CF method?

RE: Protecting Content / content leeching... A CF method?

Re: Protecting Content / content leeching... A CF method?

RE: Protecting Content / content leeching... A CF method?

RE: Protecting Content / content leeching... A CF method?

RE: Protecting Content / content leeching... A CF method?

RE: Protecting Content / content leeching... A CF method?

RE: Protecting Content / content leeching... A CF method?

RE: Protecting Content / content leeching... A CF method?

RE: Protecting Content / content leeching... A CF method?

Re: Protecting Content / content leeching... A CF method?

Re: Protecting Content / content leeching... A CF method?

Re: Protecting Content / content leeching... A CF method?

Re: Protecting Content / content leeching... A CF method?

RE: Protecting Content / content leeching... A CF method?

RE: Protecting Content / content leeching... A CF method?

19 matches

Site Navigation

Mail list logo

Footer information