block access to AJAX directory with .htaccess [duplicate]
Possible Duplicate:
Deny ajax file access using htaccess
I have a directory "AJAX" that has all my well AJAX content it is unformatted and ugly if you hit the pages directly. How do I stop someone开发者_运维技巧 from hitting http://www.site.com/AJAX/page1.php with the .htaccess file?
You don't really want to use .htaccess
to block access to the content since you still need to be able to access this content from your application.
If you feel it's that important to keep people from directly loading this content you can route all traffic through a single php page like:
http://www.site.com/ajax.php?content=page1
and then in ajax.php you can restrict access to this content to only HTTP post and possibly through other means, like unique tokens. Like in the referring page create a unique token 123 and then use the url:
http://www.site.com/ajax.php?content=page1&token=123
and only serve the file if the token is still cached in memory.
While this will work, I don't see the point. If someone wants to load that page, who cares. You can't prevent them from accessing the content since you need it to run your application--they can always get it from browser cache or using a local http proxy.
精彩评论