Solved

Limit database access to a specific firefox extension

Posted on 2006-07-10
6
354 Views
Last Modified: 2008-01-09
How can I limit the data in my website only to a specific firefox extension that I want to create?

For example:
I checked the source code of the forecastfox extension, and forecastfox access data from accuweather.com by accessing the following url:
http://forecastfox.accuweather.com/adcbin/forecastfox/locate_city.asp?location=

When I tried to access that url, I got the following:

<adc_database>
<citylist us="0" intl="0" extra_cities="0">
      </citylist>
<copyright>Copyright 2006 AccuWeather.com</copyright>
&#8722;
      <use>
This document is intended only for use by authorized licensees of AccuWeather.com. Unauthorized use is prohibited. All Rights Reserved.
</use>
<product>Forecastfox</product>
<redistribution>Redistribution Prohibited.</redistribution>
</adc_database>

My question, if I want to create a firefox extension to fetch data from my website, how do I limit the data access only to my extension? I want to make sure other website can't fetch or crawl the data from my website.

Thanks.
0
Comment
Question by:screwdriver
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
6 Comments
 
LVL 1

Expert Comment

by:minzliu
ID: 17074175
Im guessing the site is verifying each user using http headers, ie the "User-Agent" header. you can write a script to match the "User-agent" and if they dont match, simply display a error msg.

so if u made a firefox extension, simply change the user-agent to something u want it to be, and put conditions on your site to match it. in php u can retrieve the "user-agent" using $_SERVER['HTTP_USER_AGENT'].
0
 
LVL 13

Accepted Solution

by:
PraxisWeb earned 250 total points
ID: 17074243
User-Agent = Browser... I think it is more along the lines of DNS/IP lookup for requests:

have your authorized users in some form of persistent storage, when a request comes in check the headers to find out who made the request and check it against your "approved" list.

If you want it to be only from your site you could also use the referrer - if it is not referred by your site then deny the request.
0
 
LVL 1

Assisted Solution

by:minzliu
minzliu earned 250 total points
ID: 17074457
the useragent can be changed, especially with a firefox extension. it can even be changed using javascript, but i cant quite remember how.

i know u can change IE's user agent in the registry.
0

Featured Post

DevOps Toolchain Recommendations

Read this Gartner Research Note and discover how your IT organization can automate and optimize DevOps processes using a toolchain architecture.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Does your audience prefer people in photos or no people? How can you best highlight what you’re selling? What are your competitors doing, and what can you do that is different and unique from them?  Continue reading to learn how to make your images …
There’s a good reason for why it’s called a homepage – it closely resembles that of a physical house and the only real difference is that it’s online. Your website’s homepage is where people come to visit you. It’s the family room of your website wh…
This video teaches users how to migrate an existing Wordpress website to a new domain.
The viewer will get a basic understanding of what section 508 compliance can entail, learn about skip navigation links, alt text, transcripts, and font size controls.

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question