Rename them with a .cfm extension - put a Application.cfm in the root of the dir with a <cfabort> in it.
Then push them out through <cfcontent> and using HTTP Headers tell the browser the name of the file without the .cfm extension. Mark On Tue, May 4, 2010 at 12:53 PM, Rick Colman <[email protected]> wrote: > > I am on a shared host, so moving outside the web directories is not > practical. > > On 5/3/2010 4:09 PM, Dave Watts wrote: > > > >> Is there some easy way to protect PDF (and perhaps other kinds of > documents) from sideaways access? > >> > >> In other words, after building login pages, protecting html/cfm pages > from direct access, etc.; someone can still directly access a > >> document with a direct URL, like > >> > >> www.xxx.com/yyyy.pdf > >> > > You can remove them from web-accessible directories and (a) serve them > > with CFCONTENT, or (b) create a temporary symlink of some sort using > > CFEXECUTE. > > > > Dave Watts, CTO, Fig Leaf Software > > http://www.figleaf.com/ > > http://training.figleaf.com/ > > > > Fig Leaf Software is a Veteran-Owned Small Business (VOSB) on > > GSA Schedule, and provides the highest caliber vendor-authorized > > instruction at our training centers, online, or onsite. > > > > > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Want to reach the ColdFusion community with something they want? Let them know on the House of Fusion mailing lists Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:333312 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
