user5954693
Reputation:
How to prevent text or script file to be seen/download by directly entering it browser url bar?
I am using some java-script code in my JSP file but as I do not want client to see my code, I placed it in a codescript.js file and included it through ajax like this
$.ajax({
cache: true,
dataType: "script",
url: "codescript.js"
});
But as I am accessing codescript.js file directly anyone can guess that it is stored in current directory. My file can be downloaded by just entering file name in url bar such as
pathtomysite\codescript.js
Is there any way to prevent clients to easily access my java-script files.
Upvotes: 0
Views: 153
Answers (1)
Adam
Reputation: 18805
You can deny direct access by testing the Referer header. This should basically deny direct access, but it can be spoofed.
RewriteCond "%{HTTP_REFERER}" "!www.example.com" [NC]
RewriteRule "\.(js)$" - [F]
Upvotes: 1
Related Questions
- How to download a file with Node.js (without using third-party libraries)?
- How can I force clients to refresh JavaScript files?
- How to create a file in memory for user to download, but not through server?
- How to identify if a webpage is being loaded inside an iframe or directly into the browser window?
- How to trigger a file download when clicking an HTML button or JavaScript
- Detect when a browser receives a file download
- How to read a local text file in the browser?
- JavaScript/jQuery to download file via POST with JSON data
- Prevent Download Via URL