directory
such as .PDF, .DOC, .XLS etc. Would that rule CFCONTENT out ??
-Original Message-
From: Douglas Knudsen [mailto:[EMAIL PROTECTED]
Sent: 21 March 2005 21:10
To: CF-Talk
Subject: Re: cold fusion, pdf files and security
yup, place the pdfs, or other files you want protected
-
From: Ian Vaughan [mailto:[EMAIL PROTECTED]
Sent: Tuesday, 22 March 2005 5:28
To: CF-Talk
Subject: RE: cold fusion, pdf files and security
So if I wanted to secure this link using the CFContent tag
a class=homeaa href=/documents/#docpath##doctitle#/a
I would replace it with
cfcontent type
Hi everyone. I have a cf security question. I have a website and on that
site are some pdfs. The site is password protected. On the site I have a
pdf directory where I keep all my pdf's. I am concerned that if I
emailed someone a link http://www.mysite.com/pdf/pdfname.pdf that they
would be able
Serve your PDFs through a cfm with cfcontent
Something like this:
cfheader name=Content-Disposition
value=ATTACHMENT;FILENAME=Filename.pdf
cfcontent type=application/pdf file=c:\path\to.pdf
(Note the file path can be anywhere on the hard drive or network that CF
has access to.)
Then just put
yup, place the pdfs, or other files you want protected, in a dir
OUTSIDE your web root. Then use a CF page and the CFCONTENT tag to
deliver your files.
Doug
On Mon, 21 Mar 2005 16:00:43 -0500, Wurst, Keith D. [EMAIL PROTECTED] wrote:
Hi everyone. I have a cf security question. I have a
: Monday, March 21, 2005 1:00 PM
Subject: cold fusion, pdf files and security
Hi everyone. I have a cf security question. I have a website and on that
site are some pdfs. The site is password protected. On the site I have a
pdf directory where I keep all my pdf's. I am concerned that if I
emailed
In the folder where the PDF's are stored create an
application.cfm file. In that file do a cfif and check for
the existance of a cookie with a meta redirect (To form
page described below) if it doesn't exist. Within the PDF
folder create another folder called something like
security. Within
Lee, this will not secure the pdfs though. A direct request to
http://foo.com/goo/mypdf.pdf is not passed to CF. Therefore the
application.cfm will never be fired.
Doug
On Mon, 21 Mar 2005 15:26:33 -0600, Lee [EMAIL PROTECTED] wrote:
In the folder where the PDF's are stored create an
, March 21, 2005 4:27 PM
To: CF-Talk
Subject: Re: cold fusion, pdf files and security
In the folder where the PDF's are stored create an application.cfm file.
In that file do a cfif and check for the existance of a cookie with a
meta redirect (To form page described below) if it doesn't exist. Within
That won't work Lee because application.cfm only gets fired when a CFM
is called unless I'm reading your post wrong.=20
Agreed...it would protect the index.cfm file...but NOT the PDFs from being
browsable
Bryan Stevenson B.Comm.
VP Director of E-Commerce Development
Electric Edge Systems
Hmmm that is correct. Would a worm be able to index the
contents of the PDF folder?
On Mon, 21 Mar 2005 16:37:47 -0500
Douglas Knudsen [EMAIL PROTECTED] wrote:
Lee, this will not secure the pdfs though. A direct
request to
http://foo.com/goo/mypdf.pdf is not passed to CF.
Therefore the
I use iAuth for these type things:
http://coolfusion.com/products/iAuth/
Hi everyone. I have a cf security question. I have a website and on that
site are some pdfs. The site is password protected. On the site I have a
pdf directory where I keep all my pdf's. I am concerned that if I
emailed
asked and answered a few hundred times on this list ;-)
-move the PDFs to a non-web accessible directory
-serve them up using a CFM file containing CFCONTENT
This way they are not browsable and you can secure the CFM file using your
existing security
HTH
Cheers
For added fun, you can add OS
13 matches
Mail list logo
