By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
457,933 Members | 1,574 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 457,933 IT Pros & Developers. It's quick & easy.

Redirect to a file on the server (not in wwwroot)

P: n/a
Hi all,

I want to do a similar action to response.redirect ("file.htm"). But the
file.htm contains some sensitive data. I have placed file.htm in a folder in
the InetPub (d:\inetpub\privateroot\file.htm) so that it is not accessible
by a simple HTTP request. An asp login script will be used, and then once
the user is verified the page should redirect to
d:\inetpub\privateroot\file.htm. But obviously I cannot use
response.redirect because it is not a recognisable URL. Any ideas which
command I should use?

Btw, I use VB Script.
_________________________
<%= TIM_STOKES %>
(change the _'s in my e-mail address to .'s (this is anti-spam))

Jul 19 '05 #1
Share this Question
Share on Google+
6 Replies


P: n/a
Can't be done. A browser can not access a page that is not
part of a web site. (Tehcnically, that's not 100% true,
but it applies in your case)

You must either place the page in a directory accessible
via the web or create a virtual directory on the directory
where your file lives.

NOTE: If you are on an intranet and the directory where
your file lives is on an accessible share, you could link
to it, but you still won't be able to use
response.redirect.

John
-----Original Message-----
Hi all,

I want to do a similar action to response.redirect ("file.htm"). But thefile.htm contains some sensitive data. I have placed file.htm in a folder inthe InetPub (d:\inetpub\privateroot\file.htm) so that it is not accessibleby a simple HTTP request. An asp login script will be used, and then oncethe user is verified the page should redirect to
d:\inetpub\privateroot\file.htm. But obviously I cannot useresponse.redirect because it is not a recognisable URL. Any ideas whichcommand I should use?

Btw, I use VB Script.
_________________________
<%= TIM_STOKES %>
(change the _'s in my e-mail address to .'s (this is anti- spam))
.

Jul 19 '05 #2

P: n/a
Ok, cheers.

Do you have any suggestions as to how can I secure file.htm from being
retrieved without having put the username or password in??
_________________________
<%= TIM_STOKES %>
(change the _'s in my e-mail address to .'s (this is anti-spam))
"John Beschler" <gi***@geewhiz.com> wrote in message
news:0b****************************@phx.gbl...
Can't be done. A browser can not access a page that is not
part of a web site. (Tehcnically, that's not 100% true,
but it applies in your case)

You must either place the page in a directory accessible
via the web or create a virtual directory on the directory
where your file lives.

NOTE: If you are on an intranet and the directory where
your file lives is on an accessible share, you could link
to it, but you still won't be able to use
response.redirect.

John
-----Original Message-----
Hi all,

I want to do a similar action to response.redirect

("file.htm"). But the
file.htm contains some sensitive data. I have placed

file.htm in a folder in
the InetPub (d:\inetpub\privateroot\file.htm) so that it

is not accessible
by a simple HTTP request. An asp login script will be

used, and then once
the user is verified the page should redirect to
d:\inetpub\privateroot\file.htm. But obviously I cannot

use
response.redirect because it is not a recognisable URL.

Any ideas which
command I should use?

Btw, I use VB Script.
_________________________
<%= TIM_STOKES %>
(change the _'s in my e-mail address to .'s (this is anti-

spam))

.

Jul 19 '05 #3

P: n/a
Ah yeah,

Thought I'd mention that it's a remotly hosted site and I cannot use NT
security etc...
_________________________
<%= TIM_STOKES %>
(change the _'s in my e-mail address to .'s (this is anti-spam))
"Tim Stokes" <tim.stokes@freshfmmanchester_co_uk> wrote in message
news:3f**********@mk-nntp-2.news.uk.tiscali.com...
Ok, cheers.

Do you have any suggestions as to how can I secure file.htm from being
retrieved without having put the username or password in??
_________________________
<%= TIM_STOKES %>
(change the _'s in my e-mail address to .'s (this is anti-spam))
"John Beschler" <gi***@geewhiz.com> wrote in message
news:0b****************************@phx.gbl...
Can't be done. A browser can not access a page that is not
part of a web site. (Tehcnically, that's not 100% true,
but it applies in your case)

You must either place the page in a directory accessible
via the web or create a virtual directory on the directory
where your file lives.

NOTE: If you are on an intranet and the directory where
your file lives is on an accessible share, you could link
to it, but you still won't be able to use
response.redirect.

John
-----Original Message-----
Hi all,

I want to do a similar action to response.redirect

("file.htm"). But the
file.htm contains some sensitive data. I have placed

file.htm in a folder in
the InetPub (d:\inetpub\privateroot\file.htm) so that it

is not accessible
by a simple HTTP request. An asp login script will be

used, and then once
the user is verified the page should redirect to
d:\inetpub\privateroot\file.htm. But obviously I cannot

use
response.redirect because it is not a recognisable URL.

Any ideas which
command I should use?

Btw, I use VB Script.
_________________________
<%= TIM_STOKES %>
(change the _'s in my e-mail address to .'s (this is anti-

spam))

.


Jul 19 '05 #4

P: n/a
If it's an ASP file, then include as the first part of the
file a check for some session variable. If the session
variable is NOT what you think it should be, then redirect
the visitor to a page which requires a login and password.

For example:

In the "secure" page:
If Session("Authorised") <> "True" Then
Response.redirect("Login.asp")
End If

In login.asp:
If ValidUser = True Then
Session("Authorised") = "True"
Else
Session("Authorised") = "False"
End If

This way anytime the page is requested, the first thing it
will do is verify the user has met your credentials.

If your page is HTML, simply change the Extension to .ASP
and add the code at the begining as above.

We use this at: www.stagecrafters.com/admin and it works
quite well.

-----Original Message-----
Ok, cheers.

Do you have any suggestions as to how can I secure file.htm from beingretrieved without having put the username or password in??
_________________________
<%= TIM_STOKES %>
(change the _'s in my e-mail address to .'s (this is anti- spam))

"John Beschler" <gi***@geewhiz.com> wrote in message
news:0b****************************@phx.gbl...
Can't be done. A browser can not access a page that is not part of a web site. (Tehcnically, that's not 100% true,
but it applies in your case)

You must either place the page in a directory accessible
via the web or create a virtual directory on the directory where your file lives.

NOTE: If you are on an intranet and the directory where
your file lives is on an accessible share, you could link to it, but you still won't be able to use
response.redirect.

John
>-----Original Message-----
>Hi all,
>
>I want to do a similar action to response.redirect

("file.htm"). But the
>file.htm contains some sensitive data. I have placed

file.htm in a folder in
>the InetPub (d:\inetpub\privateroot\file.htm) so that
it is not accessible
>by a simple HTTP request. An asp login script will be

used, and then once
>the user is verified the page should redirect to
>d:\inetpub\privateroot\file.htm. But obviously I cannot

use
>response.redirect because it is not a recognisable URL.

Any ideas which
>command I should use?
>
>Btw, I use VB Script.
>_________________________
><%= TIM_STOKES %>
>(change the _'s in my e-mail address to .'s (this is
anti- spam))
>
>
>
>.
>

.

Jul 19 '05 #5

P: n/a
Does anyone have a suggestion as to how I could automate this function?

Cheers
_________________________
<%= TIM_STOKES %>
(change the _'s in my e-mail address to .'s (this is anti-spam))
"Tim Stokes" <tim.stokes@freshfmmanchester_co_uk> wrote in message
news:3f********@mk-nntp-2.news.uk.tiscali.com...
Thanks

That would have been my next idea... it's just that there are going to be
about 500+ html pages added per day!
_________________________
<%= TIM_STOKES %>
(change the _'s in my e-mail address to .'s (this is anti-spam))
"John Beschler" <gi***@geewhiz.com> wrote in message
news:6c****************************@phx.gbl...
If it's an ASP file, then include as the first part of the
file a check for some session variable. If the session
variable is NOT what you think it should be, then redirect
the visitor to a page which requires a login and password.

For example:

In the "secure" page:
If Session("Authorised") <> "True" Then
Response.redirect("Login.asp")
End If

In login.asp:
If ValidUser = True Then
Session("Authorised") = "True"
Else
Session("Authorised") = "False"
End If

This way anytime the page is requested, the first thing it
will do is verify the user has met your credentials.

If your page is HTML, simply change the Extension to .ASP
and add the code at the begining as above.

We use this at: www.stagecrafters.com/admin and it works
quite well.

-----Original Message-----
Ok, cheers.

Do you have any suggestions as to how can I secure

file.htm from being
retrieved without having put the username or password in??
_________________________
<%= TIM_STOKES %>
(change the _'s in my e-mail address to .'s (this is anti-

spam))


"John Beschler" <gi***@geewhiz.com> wrote in message
news:0b****************************@phx.gbl...
> Can't be done. A browser can not access a page that is

not
> part of a web site. (Tehcnically, that's not 100% true,
> but it applies in your case)
>
> You must either place the page in a directory accessible
> via the web or create a virtual directory on the

directory
> where your file lives.
>
> NOTE: If you are on an intranet and the directory where
> your file lives is on an accessible share, you could

link
> to it, but you still won't be able to use
> response.redirect.
>
> John
>
>
>
> >-----Original Message-----
> >Hi all,
> >
> >I want to do a similar action to response.redirect
> ("file.htm"). But the
> >file.htm contains some sensitive data. I have placed
> file.htm in a folder in
> >the InetPub (d:\inetpub\privateroot\file.htm) so that

it
> is not accessible
> >by a simple HTTP request. An asp login script will be
> used, and then once
> >the user is verified the page should redirect to
> >d:\inetpub\privateroot\file.htm. But obviously I cannot
> use
> >response.redirect because it is not a recognisable URL.
> Any ideas which
> >command I should use?
> >
> >Btw, I use VB Script.
> >_________________________
> ><%= TIM_STOKES %>
> >(change the _'s in my e-mail address to .'s (this is

anti-
> spam))
> >
> >
> >
> >.
> >
.


Jul 19 '05 #6

P: n/a
There are aliases... And there are password protaced dirs... And you can
open the file, then output it...

With my setup, there are lots of ways to do it as I must request everything
through my Apache which can password protect stuff, and I can use a perl,
php or jsp script to verify the user, then send an internal request to
Apache which forwards that request to the private IIS dir, then the Apache
script would get the output of the IIS script, then it could output it to
the user... Although, I doubt very many ppl have this wierd setup so the
first paragraph would most likely be most worth reading...

--
// DvDmanDT
MSN: dv******@hotmail.com
Mail: dv******@telia.com
"Tim Stokes" <tim.stokes@freshfmmanchester_co_uk> skrev i meddelandet
news:3f********@mk-nntp-2.news.uk.tiscali.com...
Does anyone have a suggestion as to how I could automate this function?

Cheers
_________________________
<%= TIM_STOKES %>
(change the _'s in my e-mail address to .'s (this is anti-spam))
"Tim Stokes" <tim.stokes@freshfmmanchester_co_uk> wrote in message
news:3f********@mk-nntp-2.news.uk.tiscali.com...
Thanks

That would have been my next idea... it's just that there are going to be about 500+ html pages added per day!
_________________________
<%= TIM_STOKES %>
(change the _'s in my e-mail address to .'s (this is anti-spam))
"John Beschler" <gi***@geewhiz.com> wrote in message
news:6c****************************@phx.gbl...
If it's an ASP file, then include as the first part of the
file a check for some session variable. If the session
variable is NOT what you think it should be, then redirect
the visitor to a page which requires a login and password.

For example:

In the "secure" page:
If Session("Authorised") <> "True" Then
Response.redirect("Login.asp")
End If

In login.asp:
If ValidUser = True Then
Session("Authorised") = "True"
Else
Session("Authorised") = "False"
End If

This way anytime the page is requested, the first thing it
will do is verify the user has met your credentials.

If your page is HTML, simply change the Extension to .ASP
and add the code at the begining as above.

We use this at: www.stagecrafters.com/admin and it works
quite well.


>-----Original Message-----
>Ok, cheers.
>
>Do you have any suggestions as to how can I secure
file.htm from being
>retrieved without having put the username or password in??
>_________________________
><%= TIM_STOKES %>
>(change the _'s in my e-mail address to .'s (this is anti-
spam))
>
>
>"John Beschler" <gi***@geewhiz.com> wrote in message
>news:0b****************************@phx.gbl...
>> Can't be done. A browser can not access a page that is
not
>> part of a web site. (Tehcnically, that's not 100% true,
>> but it applies in your case)
>>
>> You must either place the page in a directory accessible
>> via the web or create a virtual directory on the
directory
>> where your file lives.
>>
>> NOTE: If you are on an intranet and the directory where
>> your file lives is on an accessible share, you could
link
>> to it, but you still won't be able to use
>> response.redirect.
>>
>> John
>>
>>
>>
>> >-----Original Message-----
>> >Hi all,
>> >
>> >I want to do a similar action to response.redirect
>> ("file.htm"). But the
>> >file.htm contains some sensitive data. I have placed
>> file.htm in a folder in
>> >the InetPub (d:\inetpub\privateroot\file.htm) so that
it
>> is not accessible
>> >by a simple HTTP request. An asp login script will be
>> used, and then once
>> >the user is verified the page should redirect to
>> >d:\inetpub\privateroot\file.htm. But obviously I cannot
>> use
>> >response.redirect because it is not a recognisable URL.
>> Any ideas which
>> >command I should use?
>> >
>> >Btw, I use VB Script.
>> >_________________________
>> ><%= TIM_STOKES %>
>> >(change the _'s in my e-mail address to .'s (this is
anti-
>> spam))
>> >
>> >
>> >
>> >.
>> >
>
>
>.
>



Jul 19 '05 #7

This discussion thread is closed

Replies have been disabled for this discussion.