URL protection with Encryption on the HTML Source Code

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: <users@xxxxxxxxxxxxxxxx>
Subject: URL protection with Encryption on the HTML Source Code
From: Lucio Godoy <luciocfgodoy@xxxxxxxxxxx>
Date: Sun, 23 Nov 2008 20:48:11 +0000
Importance: Normal
Reply-to: users@xxxxxxxxxxxxxxxx

Hi All;

I am using: Fedora 8, Apache version 2.2.8, MySQL version 5.0.45.

I have been developing a restricted web site (username/password authenticated via PHP onto a MYSQL user table) which will allow users to retrieve movies that they have FTP uploaded from their mobile phones. The uploading is working fine with proftpd/mysql combination, and the movie is transfered to the users directory.

When the user wants to retrieve the movie, they login to the website and a dynamic list of movies is built and the user clicks on the image thumbnail and a pop-up screen starts to play the movie automatically.

My problem is that the URL that relates to the user/movie is fully displayed if you look at the html source code. For an experienced programmer they can quick workout the URL/PATH and download somebody else's movie.

I would like somehow to encrypt the Movie URL, making almost impossible for somebody to workout the path to the directory, much like what youtube does (I think).

This is my html code:
      <object" type="application/x-oleobject" width="341" height="388" align="middle" standby="Loading Media Player components..." class="style8" id="MediaPlayer">
        <param name="FileName" value="https://www.example.com/www/1191247361/ftp/00_16_55_01_7A_90_2008_08_21_06_08_05.avi" />
        <param name="ShowStatusBar" value="True" />
        <param name="DefaultFrame" value="mainFrame" />
        <param name="autostart" value="true" />
        <embed src=""https://www.example.com/www/1191247361/ftp/00_16_55_01_7A_90_2008_08_21_06_08_05.avi">https://www.example.com/www/1191247361/ftp/00_16_55_01_7A_90_2008_08_21_06_08_05.avi" width="341" height="388" autostart="true" align="middle" filename="https://www.example.com/www/1191247361/ftp/00_16_55_01_7A_90_2008_08_21_06_08_05.avi" showstatusbar="True" defaultframe="mainFrame"></embed>
      </object>

if the unscrupulous user cuts and pastes the above url, they can access the content directly without any authentication.

Thank you for your help and suggestions.

Lucio

Win £1000 John Lewis shopping sprees with BigSnapSearch.com Search now

Follow-Ups:
- Re: URL protection with Encryption on the HTML Source Code
  - From: Krist van Besien

Prev by Date: RE: httpd.exe -k restart not working on Windows console
Next by Date: RE: How to connect from a remote machine
Previous by thread: Script: '/usr/www/...' in httpd-error.log?
Next by thread: Re: URL protection with Encryption on the HTML Source Code
Index(es):
- Date
- Thread

[Index of Archives] [Open SSH Users] [Linux ACPI] [Linux Kernel] [Linux Laptop] [Kernel Newbies] [Security] [Netfilter] [Bugtraq] [Squid] [Yosemite News] [MIPS Linux] [ARM Linux] [Linux Security] [Linux RAID] [Samba] [Video 4 Linux] [Device Mapper]