This week's book giveaway is in the OCAJP 8 forum. We're giving away four copies of OCA Java SE 8 Programmer I Study Guide and have Edward Finegan & Robert Liguori on-line! See this thread for details.
Is there a way to protect files from being downloaded?
I have set up a login system so only people with a valid username/password can view the pages, but when I put the full URL of a particular file into the browser when logged out I can still download the file.
Since Google is extremely good at getting its hands on material that it shouldn't, I don't want this to be possible.
The login filter I have set up is for anything within the directory "/secure/" - which is where I have put the documents, although they are still accessible directly.
I had to fix my servlet filter so that it DID allow users who weren't logged in to download images and CSS and things like that. So it shouldn't be difficult to write a filter which doesn't allow users who aren't logged in to download files.
Joined: Sep 30, 2009
Looks like I was being a little impatient :-) The filter I have in place actually already does what I need. Must have been Chrome lagging a little when I was testing this