Hide path name - Githubissues

TheGU / mod-auth-token

This module uses token based authentication to secure downloads and prevent deep-linking. Have your script or servlet generate a token to authenticate the download and let Apache handle the file transfer without having to pipe it through a script for security.

Apache License 2.0

0 stars 0 forks source link

Hide path name #22

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago

Hi,

1.0.6 beta, I confirm that the IP option works for me.

It would be great if the directory path was hidden too.

Thanks for the module.

Original issue reported on code.google.com by leon.faz...@commerceo.com on 26 Jun 2011 at 11:11

GoogleCodeExporter commented 9 years ago

Enhancement...

Original comment by leon.faz...@commerceo.com on 26 Jun 2011 at 11:12

GoogleCodeExporter commented 9 years ago

That could /never/ happen. You can't hide the directory path because the code 
can't "un-MD5" a hash to try and "get back to your original directory path". In 
effect, although brute-force can crack sometimes crack md5 strings, it's a 
one-way encode.

Original comment by bevan...@gmail.com on 18 Jul 2011 at 7:41

GoogleCodeExporter commented 9 years ago

You can'to do that as explained by bevand10. because the directory path is part 
of the algo.

Original comment by teixeira...@gmail.com on 24 May 2012 at 7:08

Changed state: Invalid

GoogleCodeExporter commented 9 years ago

Yes indeed, by "hidden" I don't mean encoded. Maybe this is what ModSecDownload 
is doing with the additional document-root parameter.

Original comment by Leon.Faz...@gmail.com on 25 May 2012 at 7:57