1

Being new to .htaccess concept, I have a basic question. I tried to protect a directory which hosts my stored procedure files... this is because I need not anyone else accessing the code of the file. My issue is the following:

When I try to access a file of the directory through javascript as part of my coding, the same pop up comes up requiring username and password. How can this be resolved?

Please advise if the route I am taking is wrong. My intention is that the code should have access to stored procedure files, but none should have access to the actual file content. This can be applicable for css files or javascript files as well.

Artjom B.
  • 61,146
  • 24
  • 125
  • 222
Samuel Mathews
  • 171
  • 1
  • 2
  • 17
  • With *stored procedures*, do you mean SQL procedures? Why does your client-side (?) javascript need to access them? They should be handled on the server. – Yogu Jan 17 '14 at 14:49
  • yes. they are handled at server end.. but in the post or get section of javascript we redirect them to sql files right... i just meant that.. – Samuel Mathews Jan 17 '14 at 14:52

2 Answers2

2

You can't differentiate between a client asking for a resource because your code asked it to and the same client asking for a resource for some other reason.

Even if you could, then the resource would still be available to the owner of the client, without making another request for it, through (for example) the developer tools built into most browsers.

Quentin
  • 914,110
  • 126
  • 1,211
  • 1,335
0

If the files you're talking about are all Javascript then protecting them like that isn't really feasible. They are client-side scripts, meaning they need to be downloaded by the user's browser. Unfortunately, you can't reliably tell the difference between a browser downloading them as part of an HTML page, and a user downloading them directly to steal them.

The best you can do is obfuscate the files to make them difficult to understand. That will never prevent a determined code thief though.

Peter Bloomfield
  • 5,578
  • 26
  • 37
  • i heard of robot files concept.. though not very clear... do you have any idea of it.. if so, can u direct me a link on the same... – Samuel Mathews Jan 17 '14 at 15:09
  • Unfortunately the robots file won't help you. It mainly provides suggestions telling search engines what to index. It doesn't actually prevent access to anything, and it doesn't affect users at all. – Peter Bloomfield Jan 17 '14 at 15:43