Reputation: 55
Restricting access to static files using Bottle
I am creating a web application using the bottle framework. Since we need to provide routes to static files such as:
def server_css(self, filename):
return static_file(filename, root='css')
Is there any way from restricting a user in just typing /css/file.css to access the file?
Upvotes: 0
Views: 103
Answers (2)
Reputation: 18168
No, not really.
I mean, you could come up with some elaborate, obfuscated dynamic (javascript) loading mechanism, but is it really worth it?
But you could put your sensitive files in a different, protected, location. So there'd be /css/file.css, which would be publicly accessible. Then there'd be /private/file.txt which you'd protect with your favorite flavor of authentication.
If this is specifically about hiding your css from the general public, I suppose you could try to obfuscate it, but IMO that's a bit of a fool's errand.
Upvotes: 1
Reputation: 2592
Maybe you can check an href http headers. They might be empty when user types in browser and something otherwise.
Upvotes: 0
Related Questions
- Bottle Static files
- How to load static files in python bottle in URL's
- How to convert @bottle.route to bottle.route() when serving static files?
- With bottle.py, how do I properly render static file requests of templates?
- bottle.py render static file
- Static files not loaded in a Bottle application when the trailing slash is omitted
- Static files not being served on Bottle in Python
- Loading static files in a Bottle.py application on openshift
- Serving nested static files with Bottle.py
- Static files in a Bottle application cannot be found (404)