I've got a situation where I have a site that has a protected members section that needs to be searchable, in addition to the rest of the site. I've currently got it set up using two different configuration files with two different databases - one with only the public stuff, and one with both the public and members stuff. The one with only public stuff is used for all searches on the public site. The other is used for searches in the members section.

The problem is that if a user can determine the name of the configuration file that the member search uses, they can simply add a ?config=members.conf to the URL of the public search and voilà, they can search the protected content.

The only way I can see to prevent this is to actually recompile htDig to use a different directory for the members search.

Ideally, I would like to be able to specify in the configuration file that the search results page must be in the members section. This way a user would have to authenticate before being able to view results. Is this possible? Can I tell htDig to look at the URL of the search cgi and enforce that it match a particular pattern?

Jason
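
One way to get the behaviour asked about above, as an added example that is not part of the original post and not htDig code: a small wrapper in front of the search CGI discards any client-supplied `config` and pins it from the wrapper's own URL path. The `/members/` prefix and the name `public.conf` are assumptions, `members.conf` is the name used in the post, and only the query string is handled here (a POST body would need the same filtering).

```python
import posixpath
from urllib.parse import parse_qsl, urlencode

# Assumed layout (hypothetical): the members area lives under /members/ and
# the web server already requires authentication for everything below it.
MEMBERS_PREFIX = "/members/"
MEMBERS_CONFIG = "members.conf"  # name taken from the post
PUBLIC_CONFIG = "public.conf"    # hypothetical name for the public-only database


def pin_config(script_path: str, query_string: str) -> str:
    """Return a query string whose config is chosen by where the wrapper
    was invoked, never by the client."""
    # Resolve "." and ".." so the prefix test sees the real location.
    path = posixpath.normpath(script_path)
    # Drop every client-supplied config parameter, whatever its case.
    params = [
        (key, value)
        for key, value in parse_qsl(query_string, keep_blank_values=True)
        if key.lower() != "config"
    ]
    config = MEMBERS_CONFIG if path.startswith(MEMBERS_PREFIX) else PUBLIC_CONFIG
    params.append(("config", config))
    # Re-encoding escapes ';' and '=' inside values, so a parameter hidden
    # behind an alternative separator reaches the search CGI as plain data.
    return urlencode(params)


if __name__ == "__main__":
    # Constructed sample requests: (wrapper path, client query string).
    samples = [
        ("/cgi-bin/search", "words=foo&config=members.conf"),
        ("/members/search", "words=foo"),
    ]
    for path, query in samples:
        print(path, "->", pin_config(path, query))
```

The wrapper would pass the returned string to the real search CGI as its query string, so the members database is reachable only through a path the web server already protects.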
