On May 30, 2014, at 3:13 AM, Ket <[email protected]> wrote: > Hi there, > > I could block other web sites access to my server with this simple logic: > > var mydomain = 'http://www.mywebsite.com/'; > if(url !== 'mydomain') { > return; > } > > However, it could not block request from a local computer's file like from > this location: > > file:///D:/test.html > > How do you prevent request from this location to access to the server and > stealing bandwidth and sensitive data. > > Do you even think this is a security issue. I'm worried too much about this > insecure.
I don't understand your concern. If you can access a file via the file: protocol, then you are accessing the file from a local drive usually; you're not going over a network; no bandwidth is being used. I also don't understand your first statement about blocking access from other web sites. If your URLs are public, then anyone can access them. If you want to prevent access, password-protect. -- Job board: http://jobs.nodejs.org/ New group rules: https://gist.github.com/othiym23/9886289#file-moderation-policy-md Old group rules: https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines --- You received this message because you are subscribed to the Google Groups "nodejs" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/nodejs/337E3010-60E9-4361-80B5-6B75CC1F6BA6%40ryandesign.com. For more options, visit https://groups.google.com/d/optout.
