httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rich Pinder <rpin...@usc.edu>
Subject Re: [users@httpd] Hiding contents of .py script files SPOKE TOO SOON
Date Tue, 21 Sep 2004 23:08:25 GMT
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
  <meta content="text/html;charset=ISO-8859-1" http-equiv="Content-Type">
  <title></title>
</head>
<body bgcolor="#ffffff" text="#000000">
Upon further review, the fix below does indeed hide the text
representation of the script... but it also makes the script
un'runnable !!&nbsp; I get an error that goes away when I comment out the
code.<br>
<br>
Is there another way to restrict browsers viewing the contents of the
script, but keeping it executable ??<br>
<br>
thanks<br>
Rich<br>
<br>
Rich Pinder wrote:<br>
<blockquote cite="mid414F821B.7080502@usc.edu" type="cite">
  <meta content="text/html;charset=ISO-8859-1" http-equiv="Content-Type">
  <title></title>
Thanks so much all,<br>
This one worked (other didnt):<br>
  <br>
  <blockquote type="cite"><tt>&lt;Files ~ "*.py"&gt;<br>
&nbsp;&nbsp;&nbsp; Order allow,deny<br>
&nbsp;&nbsp;&nbsp; Deny from all<br>
&nbsp;&nbsp;&nbsp; Satisfy All<br>
&lt;/Files&gt;</tt></blockquote>
  <br>
Rich <br>
  <br>
  <br>
Scott Gifford wrote:<br>
  <blockquote cite="midly8yb4oe9c.fsf@gfn.org" type="cite">
    <pre wrap="">Rich Pinder <a class="moz-txt-link-rfc2396E"
 href="mailto:rpinder@usc.edu">&lt;rpinder@usc.edu&gt;</a> writes:

  </pre>
    <blockquote type="cite">
      <pre wrap="">Thanks for this idea.

I tried this  (but still can view the page(s)):


    &lt;Files ~ "^\.py"&gt;
        Order allow,deny
        Deny from all
        Satisfy All
    &lt;/Files&gt;
    </pre>
    </blockquote>
    <pre wrap=""><!---->
Your regex is wrong.  ^ means "starting at the beginning of the
filename", so you'll match files that start with ".py", not end with
it.  You want something more like:

    &lt;Files ~ "\.py$"&gt;

or

    &lt;Files "*.py"&gt;
    </pre>
  </blockquote>
</blockquote>
<br>
Scott wrote:<br>
<blockquote cite="mid414F821B.7080502@usc.edu" type="cite">
  <blockquote cite="midly8yb4oe9c.fsf@gfn.org" type="cite">
    <pre wrap=""><blockquote type="cite"><pre wrap="">In the sample httpd.conf
file it shows how to do this.  See:

#
# The following lines prevent .htaccess and .htpasswd files from being 
# viewed by Web clients. 
#
&lt;Files ~ "^\.ht"&gt;
    Order allow,deny
    Deny from all
&lt;/Files&gt;

Just add another &lt;Files&gt; to match the regex to match your .py files.

-Dan</pre></blockquote>
----ScottG.</pre>
  </blockquote>
  <URL:http:></URL:http:></blockquote>
</body>
</html>

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message