3 Replies Latest reply: Dec 29, 2011 8:17 PM by 261391 RSS

    How to restrict a user to view the file from web URL

    903139
      Hi,

      I want to restrict any user who are trying access any js file or any client side file from web URL.
      For eg. if user put www.test.com/js/sample.js in browser then he will able to view the code.
      Is there any way to restrict the same.
      Please suggest.

      Any suggesion.

      Thanks In Advance
      Manoj

      Edited by: user12780476 on Dec 28, 2011 12:18 AM
        • 1. Re: How to restrict a user to view the file from web URL
          261391
          Does the javascript file is really a private resource?

          Assuming it is a private resource, here are the few things you can do :
          1. Don't put it into document root at all.
          2. Put it in a location where access is denied e.g.
          /mydocs/private/
          <If uri =~ '/private'>
          PathCheck fn="deny-existense"
          </If>
          3. Use access control list (acls) to deny access to private resources.
          4. Use <If> else around send-file SAF e.g.
          <If uri !~ "*.js">
          Service fn="send-file"
          </If>
          5. Use htaccess to deny access to those resources.
          ----------------------------------

          So it all depends on what you really want to achieve.
          • 2. Re: How to restrict a user to view the file from web URL
            903139
            Thank for reply.
            I have tried by adding rule in acl file. But when i hit the url. wherever the js file is used it is not get executed. Because we have restricted that.

            i have done something like this

            acl "path=export/home/../js/*" ;

            authenticate (user,group) {

            database = "default";

            method = "basic";

            prompt = "Presentation Owner";

            };

            allow (execute, info) user = "anyone";
            deny (read,list, write, delete) user = "anyone";

            Please suggest if i am doing wrong...

            if possible please share your email-id .

            Edited by: user12780476 on Dec 29, 2011 2:12 AM
            • 3. Re: How to restrict a user to view the file from web URL
              261391
              I am confused about your requirements.

              Is js file contain a client side javascript?
              Will browser will get access to this file at all?

              If browser gets an access to it then it is already a public document then what is point on restricting the access to the js file directly.