WebApp Sec mailing list archives

Re: Controlling access to pdf/doc files

From: Jed Holler <j.holler () juno com>
Date: Tue, 24 Feb 2004 13:59:23 -0700

I think it may be better to have the file dynamically generated, and then
deleted as soon as the file is transferred. Have the file name be a
random number or string, generated by your application. Also set a timer
that will delete the file after 2 or 3 minutes, in case the client
terminates the connection before the file has a chance to transfer.

Jed

________________________________________________________________
The best thing to hit the Internet in years - Juno SpeedBand!
Surf the Web up to FIVE TIMES FASTER!
Only $14.95/ month - visit www.juno.com to sign up today!

Current thread:

Controlling access to pdf/doc files Sangita Pakala (Feb 24)
- Re: Controlling access to pdf/doc files Blasted (Feb 24)
- Re: Controlling access to pdf/doc files Suresh Prabhu (Feb 26)
- Re: Controlling access to pdf/doc files chasd (Feb 26)
- Re: Controlling access to pdf/doc files lists AT dawes DOT za DOT net (Feb 26)
- RE: Controlling access to pdf/doc files Paulus Widodo (Feb 26)
- <Possible follow-ups>
- Re: Controlling access to pdf/doc files Jed Holler (Feb 25)
- RE: Controlling access to pdf/doc files Scovetta, Michael V (Feb 25)
- RE: Controlling access to pdf/doc files GRIFFITHS ian (Feb 25)
  - RE: Controlling access to pdf/doc files Alistair Meikle (Feb 26)
- Re: Controlling access to pdf/doc files Mark Curphey (Feb 26)
  - RE: Controlling access to pdf/doc files Sangita Pakala (Feb 28)
    - Re: Controlling access to pdf/doc files David Cameron (Feb 28)
    - Re: Controlling access to pdf/doc files (db "better" than filesystem?) David Wall @ Yozons, Inc. (Feb 28)
    - Re: Controlling access to pdf/doc files (db "better" than filesystem?) Ido Rosen (Feb 28)
- RE: Controlling access to pdf/doc files Zuech, Richard (Feb 26)
- RE: Controlling access to pdf/doc files Mark Mcdonald (Feb 26)

(Thread continues...)