• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 167
  • Last Modified:

Use apache to limit access to javascript files?

Hello

I'm trying to limit access to a javascript file.
Maybe it can't be done, but I thought I'd ask.

Thanks

v
0
vlg
Asked:
vlg
  • 4
  • 3
1 Solution
 
samriCommented:
Perhaps you could use Location or LocationMatch directive;

<Location /*exe>
 Deny from all
</Location>

Apache documentation come with quite a great example on Location/LocationMatch directives.

http://httpd.apache.org/docs-2.0/mod/core.html#location

http://httpd.apache.org/docs-2.0/mod/core.html#locationmatch
0
 
vlgAuthor Commented:
samri -

Thanks for the links.  I read the docs.

When you say, "Perhaps..." does that mean you haven't tried this?

v
0
 
samriCommented:
V,

I did try it before posting the comment.  The fact that I cannot be 100% sure is that I tried to limit *.exe on my Win32 Apache 1.3.24.

I rather be realistic than optimistic.  In most cases it should (gee.. It must work), but there might be possibilities that it might not work.  For example, I have test if the *.js file is within the INCLUDE tag for example.  Mind the terminology, I'm pretty much naive in web technology.

I would presume that you ought to try it on the development platform.  do not have one - the trick is, you can have muptiple apache running on one machine, but make sure the are not fighting over port 80/TCP, use different port for the test apache, and get it installed, lets say in /usr/local/apache-test.

Please, I would be excited to know on whether it works for your particular case.

cheers.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
vlgAuthor Commented:
Well, it didn't really work.
It stopped me from getting to the javascript file, but it stopped my webpage from getting it, too. :(
Well - if you can think of a way to allow only my web apge to get the javascript file, let me know.
Thanks
v
0
 
samriCommented:
vlg,

could you post the exact <Location> directive That you use?
0
 
vlgAuthor Commented:
Hello samri

Thanks for helping me after the points have been awarded - lots of people wouldn't do that.
If this isn't a simple fix, I'll give you some more points for your help.
Anyways, the Location directive didn't stop anything, so I used LocationMatch:

This killed everything:

<LocationMatch /*js>
Deny from all
</LocationMatch>

I've been experimenting with this:

<LocationMatch /*js>
Order allow, deny
allow from 127.0.0.1
Deny from all
</LocationMatch>

but it's not working.

Thanks

v
0
 
vlgAuthor Commented:
ps - when I say "it's not working" I mean, it's still disallowing all requests for the javascript file, even from the web page.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 4
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now