Use CFCONTENT to push the documents from a directory that is not accessible via the webroot:
<CFHEADER NAME="Content-Disposition" VALUE="attachment; filename=#download.filename#"> <CFCONTENT TYPE="#mimetype#" FILE="#sharedfiles#\#download.filename#" DELETEFILE="No"> Where sharedfiles is a directory off the webroot... > Hi, > This is off topic, but I am sure many of you have had to deal with > issues such as these in the past. > > I have been living in a bubble for the past 3 years and have developped > many web apps in CF, ASP and JSP on secure networks with no Internet > connection. For the first time, I am building an Internet based web app > in CF. Creating the members only portion with user authentication and so > on is no problem. > > However, the site's main focus is to share research data among members. > Most members want to upload MS Word docs, MS Excel docs and PDFs. The > site will be hosted at an ISP, so using IIS or NT security is not an > option. > > So here is my dilema, once I have uploaded documents that I only want > members to access, how can I achieve something better than "security > through obscurity" and prevent people from stumbling on the docs by > guessing or as the result of a search engine search? Same question for > images. There will be images in .jpg and .gif format which are destined > for members eyes only. > > Any recommendations appreciated. > > Grif > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Archives: http://www.houseoffusion.com/lists.cfm?link=t:4 Subscription: http://www.houseoffusion.com/lists.cfm?link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4 Your ad could be here. Monies from ads go to support these lists and provide more resources for the community. http://www.fusionauthority.com/ads.cfm
