Solved

Limit database access to a specific firefox extension

Posted on 2006-07-10
6
356 Views
Last Modified: 2008-01-09
How can I limit the data in my website only to a specific firefox extension that I want to create?

For example:
I checked the source code of the forecastfox extension, and forecastfox access data from accuweather.com by accessing the following url:
http://forecastfox.accuweather.com/adcbin/forecastfox/locate_city.asp?location=

When I tried to access that url, I got the following:

<adc_database>
<citylist us="0" intl="0" extra_cities="0">
      </citylist>
<copyright>Copyright 2006 AccuWeather.com</copyright>
&#8722;
      <use>
This document is intended only for use by authorized licensees of AccuWeather.com. Unauthorized use is prohibited. All Rights Reserved.
</use>
<product>Forecastfox</product>
<redistribution>Redistribution Prohibited.</redistribution>
</adc_database>

My question, if I want to create a firefox extension to fetch data from my website, how do I limit the data access only to my extension? I want to make sure other website can't fetch or crawl the data from my website.

Thanks.
0
Comment
Question by:screwdriver
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
6 Comments
 
LVL 1

Expert Comment

by:minzliu
ID: 17074175
Im guessing the site is verifying each user using http headers, ie the "User-Agent" header. you can write a script to match the "User-agent" and if they dont match, simply display a error msg.

so if u made a firefox extension, simply change the user-agent to something u want it to be, and put conditions on your site to match it. in php u can retrieve the "user-agent" using $_SERVER['HTTP_USER_AGENT'].
0
 
LVL 13

Accepted Solution

by:
PraxisWeb earned 250 total points
ID: 17074243
User-Agent = Browser... I think it is more along the lines of DNS/IP lookup for requests:

have your authorized users in some form of persistent storage, when a request comes in check the headers to find out who made the request and check it against your "approved" list.

If you want it to be only from your site you could also use the referrer - if it is not referred by your site then deny the request.
0
 
LVL 1

Assisted Solution

by:minzliu
minzliu earned 250 total points
ID: 17074457
the useragent can be changed, especially with a firefox extension. it can even be changed using javascript, but i cant quite remember how.

i know u can change IE's user agent in the registry.
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

FAQ pages provide a simple way for you to supply and for customers to find answers to the most common questions about your company. Here are six reasons why your company website should have a FAQ page
Dramatic changes are revolutionizing how we build and use technology. Every company is automating, digitizing, and modernizing operations. We need a better, more connected way to work together as teams so we can harness the insights from our system…
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.
Any person in technology especially those working for big companies should at least know about the basics of web accessibility. Believe it or not there are even laws in place that require businesses to provide such means for the disabled and aging p…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question