security - Possible to give view and download access to a document (.pdf) without revealing the full URL? -
is possible give user access .pdf file - meaning allow them download example clicking button - without revealing full url in process?
so have file @ www.mydomain.com/content/pdf/valuable_ebook.pdf
i want give link triggers download, shows valuable_ebook.pdf , rather full path (which shared, leading unpaid downloads).
i consider create copy of file , temporarily place in location specific download link. wonder if there easier way this.
as far viewing goes, thinking make iframe, doesn't give full url away... "view source" not make easy determine full url above. way achieve this?
of course there might java or flash applications allow viewing of pdfs (speaking of - have example one?).
would possible such app have download feature, not reveal full url? how communicate browser?
or possible restrict access url above maybe through .htaccess , put server sided logic in place grant access if registered/paid member or something?
i wondering if there remote possibilities allow downloading/viewing file without giving away file location.
thankful ideas or insight on how browser has communicate server start download...
ps: realize it's easy share digital item once have downloaded it, i'm trying set @ least few hurdles filter out leaking.
partially answered: found solution downloading file without giving source url away (at least not know of - big chunk of users wont know it).
// file www.mydomain.com/download.php if($user_has_access_to_download == true) { $file = 'content/pdf/valuable_ebook.pdf'; header('content-type: application/x-octet-stream'); //header('content-type: application/pdf'); //wondering better? header('content-disposition: attachment;filename="your_ebook.pdf"'); header("content-length: " . filesize($file)); // header("connection: close"); readfile($file); }
following link www.mydomain.com/download.php
trigger download, not without revealing source file.
now need find helps viewing (rather <iframe src="www.mydomain.com/content/pdf/valuable_ebook.pdf">
) because poses 2 problems: 1. source url can seen , shared 2. browsers give "save as" button - rather have them go through download.php
keep track , such...
possibly i'm gonna have try , find sort of java app view pdfs...
i handle adding sort of parameter url new link www.mydomain.com/content/pdf/valuable_ebook.pdf?code=abc123
abc123
new random value each person give link out to. obviously, make longer 6 characters.
you store of codes in database. here have couple of options. give them option download pdf specified number of times. when code used more times that, perhaps contact download more times, able stop shares link bunch of places.
Comments
Post a Comment