473,806 Members | 2,895 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

protecting a link to a page

Hi,
how can I activate a login when someone clicks on a link? I want only
authorized users to have access to the pages accessible through the
links.

Thanks.
Jul 23 '05 #1
6 1376
Lee
Xerxes said:

Hi,
how can I activate a login when someone clicks on a link? I want only
authorized users to have access to the pages accessible through the
links.


Anything involving security should be done on the server,
not on the pages that are sent to the client.
Your web hosting service should be able to help you.

Jul 23 '05 #2
Xerxes wrote:
how can I activate a login when someone clicks on a link? I want only
authorized users to have access to the pages accessible through the
links.


Not with JavaScript (at least not with client side JavaScript).

Most webservers have some kind of built in functionality, or you can
implement a login system in just about any server side programming language
your server supports (you can use postscript if you are feeling insane, but
Perl, PHP and JSP are better bets (Windows users might want to look at
ASP)).
--
David Dorward <http://blog.dorward.me .uk/> <http://dorward.me.uk/>
Home is where the ~/.bashrc is
Jul 23 '05 #3
In article <hB************ ****@roc.nntpse rver.com>, ashkaan57
@hotmail.com enlightened us with...
Hi,
how can I activate a login when someone clicks on a link? I want only
authorized users to have access to the pages accessible through the
links.

Put them in their own directory and protect the directory with decent
security.
..htaccess works great for Apache servers and IIS has it's own mechanism.

This has nothing at all to do with javascript. Javascript should *never*
be used to implement security.

--
--
~kaeli~
Jesus saves, Allah protects, and Cthulhu thinks you'd make
a nice sandwich.
http://www.ipwebdesign.net/wildAtHeart
http://www.ipwebdesign.net/kaelisSpace

Jul 23 '05 #4
Hi and thanks for the reply.
The link is supposed to play a streaming video, hosted by
brandbandvideo. com. If it was to open another page, I could "protect"
the page through the web hosting company admin page so it would
automatically ask for user id and password. But since the link would
open Windows Media Player, I am not sure how to proceed.
I apologize for simple question.

"Lee" <RE************ **@cox.net> wrote in message
news:cd******** @drn.newsguy.co m...
Xerxes said:

Hi,
how can I activate a login when someone clicks on a link? I want only
authorized users to have access to the pages accessible through the
links.


Anything involving security should be done on the server,
not on the pages that are sent to the client.
Your web hosting service should be able to help you.

Jul 23 '05 #5
Xerxes wrote:
Hi,
how can I activate a login when someone clicks on a link? I want only
authorized users to have access to the pages accessible through the
links.

Thanks.


Any "security" you provide via client-side Javascript is no security at
all.

Secure the login process on the server.

Then go a step further and make it difficult to automate a process that
simply tries every password for an account... for example, disable the
account for 10 minutes after 3 successive login failures on an account.

It is unbelievably easy to write applications that will just try to POST
to an ACTION repeatedly with different values for the inputs. This is
precisely why if you fail to provide the correct password to Yahoo! Mail
(for example), it displays an image with machine unreadable text and asks
the user to provide the word. This eliminates any possiblity of an
automated tool hacking away at accounts until it discovers the password.

--
Grant Wagner <gw*****@agrico reunited.com>
comp.lang.javas cript FAQ - http://jibbering.com/faq
Jul 23 '05 #6
If the final destination is hosted on a server with no server
authentication, there isn't really anything you can do either client or
server-side to prevent someone from simply bookmarking the final location.

Store the video with some incredibly strange file name, then add server
authentication to a page you host that has a link to the incredibly strange
and hard to guess file name of the video. Of course, once someone has that
link, they can simply post it for all the world to see somewhere else.

Or, a variation on the above might be (if you can manipulate the file hosted
on brandbandvideo. com from your server)... have server-side processing on
your server create a symlink to the video with a really strange name, then
generate a link to that strange name. Have a nightly job remove all the
symlinks created that day. That way, each visit to your protected page
hosted on your server creates a link that is effectively useless the next
day.

What you want to do can not be done using client-side Javascript, and unless
I'm missing something simple and obvious, it can't be done very effectively
server-side either.

Xerxes wrote:
Hi and thanks for the reply.
The link is supposed to play a streaming video, hosted by
brandbandvideo. com. If it was to open another page, I could "protect"
the page through the web hosting company admin page so it would
automatically ask for user id and password. But since the link would
open Windows Media Player, I am not sure how to proceed.
I apologize for simple question.

"Lee" <RE************ **@cox.net> wrote in message
news:cd******** @drn.newsguy.co m...
Xerxes said:

Hi,
how can I activate a login when someone clicks on a link? I want only
authorized users to have access to the pages accessible through the
links.


Anything involving security should be done on the server,
not on the pages that are sent to the client.
Your web hosting service should be able to help you.


--
Grant Wagner <gw*****@agrico reunited.com>
comp.lang.javas cript FAQ - http://jibbering.com/faq
Jul 23 '05 #7

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics
3
1397
Protecting folders
by: StevePBurgess | last post by:
I have a data driven website. Part of the website is a downloads section - all the downloads are help in a folder called "downloads". When a general user (i.e. one that doesn't have a log in) uses the site and access the downloads page they are given a list of general downloads. When a member who has logged in uses the site, the same page presents the general downloads and the member only downloads. This all works fine. A slight hole...
PHP
12
2207
protecting images with asp
by: Roland Hall | last post by:
I read Aaron's article: http://www.aspfaq.com/show.asp?id=2276 re: protecting images from linked to by other sites. There is a link at the bottom of that page that references an interesting article about ways of protecting your images from being downloaded. It was my understanding that if the client sees it, then it's in the client cache. Am I wrong in this belief or not? I took the information in the article and created the .asp that...
ASP / Active Server Pages
4
1820
Obfuscation: Not just for protecting intellectual property
by: Jonathan Henderson | last post by:
Obfuscators aren't only used for protecting intellectual property. See the hacker demo at this link: http://www.preemptive.com/documentation/NetHackerDemo.html For those who don't know what an obfuscator is, here's the link that gives a brief explanation: http://www.preemptive.com/obfuscator.html
.NET Framework
1
1216
PWD protecting access to Word Docs via ASP and/or IIS?
by: darrel | last post by:
I have a section of our site that I'm putting behind a password. The template checks to see if a cookie was set, if not, it sends you to the login page, where you enter in the pwd, and it sets the cookie allowing you to then see the template page. The template page sets a variable that each of the included content pages then check for before loading. So, as it's set up, you can not access the main template page nor any of the
ASP.NET
0
250
Protecting my page from a block of untrusted HTML
by: Mark Stokes | last post by:
Hi there, I am currently writing a webmail client in asp.net with C#. I currently support HTML email bodies, but badly formed HTML can cause problems with the rest of my page. Of course, I have no control over the content of the HTML email body, so I have to assume that it may contain the worse, while protecting my users as much as possible, without limiting them to text only emails!
ASP.NET
8
1765
Password protecting downloads
by: Iain Napier | last post by:
I'm in the middle of developing a website with a downloads section. It's a wad of educational software for an LEA which for obvious reasons needs password protecting. Users have to authenticate before being allowed to search and getting a link to the download. Don't want the users to get at the files without logging in first, so I created a script (filedownload.php) that adds the filename to the URL query string (e.g.,...
PHP
1
1329
PWD protecting individual files.
by: darrel | last post by:
I need to be able to password protect individual pages. For instance: /protected.aspx?id=123 /protected.aspx?id=555 Both would need to be only accessible to two different people (with their own usr/pwd). What is the most appropriate way to handle this?
ASP.NET
0
1149
protecting a class declarativly (going mad)
by: xamman | last post by:
hi there! according to msdn (link at bottom) i should be able to protect a whole class declaratively as above. However i keep getting 'request for principal permissions failed' exceptions. in the msdn article a reference is made to include AppDomain.CurrentDomain.SetPrincipalPolicy(PrincipalPolicy.WindowsPrincipal) in your code to set the appdomain principal.I can understand how to use setprincipalpolicy to protect a method declaratively...
Visual Basic .NET
5
1164
Protecting my code
by: MarkusJNZ | last post by:
Hi all, I have a website which I want to release in 2 versions. The first version will be freeware in exchange for a link back to my page. The second version will cost and will not need a link back to my page at all. For the freeware version how can I ensure that people do not remove my link from the .aspx files???
ASP.NET
0
9597
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it. First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
Windows Server
0
10620
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed. This is as boiled down as I can make it. Here is my compilation command: g++-12 -std=c++20 -Wnarrowing bit_field.cpp Here is the code in...
C / C++
0
10369
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth. The Art of Business Website Design Your website is...
Online Marketing
1
10372
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...
Windows Server
0
10110
tracyyun
Discussion: How does Zigbee compare with other wireless protocols in smart home applications?
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
General
0
9187
agi2029
AI Job Threat for Devs
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own.... Now, this would greatly impact the work of software developers. The idea...
Career Advice
0
6877
Couldn’t get equations in html when convert word .docx file to html file in C#.
by: conductexam | last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one. At the time of converting from word file to html my equations which are in the word document file was convert into image. Globals.ThisAddIn.Application.ActiveDocument.Select();...
C# / C Sharp
0
5546
Trying to create a lan-to-lan vpn between two differents networks
by: TSSRALBI | last post by:
Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols. I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...
Networking - Hardware / Configuration
3
3008
bsmnconsultancy
Comprehensive Guide to Website Development in Toronto: Expert Insights from BSMN Consultancy
by: bsmnconsultancy | last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...
General

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes
How to Post and Respond on Bytes
How to Promote and Link on Bytes
How to increase your Ranking on Bytes
Become a Recognized Expert on Bytes
Feedback Welcomed! Contact Us