0

In order to protect some JSON files, I am trying to limit the access to one unique JavaScript file which loads some array with those JSON files.

I have been checking out some .htaccess examples around, using codes like the one below.

I have a folder called data with the JSON file: localhost/myWebsiteFolder/data/fileToProtect.json

So I created a .htaccess file in that folder whose address is localhost/myWebsiteFolder/data/.htaccess

And its content is:

   <FilesMatch "\.(htaccess|json|php)$">
 Order Allow,Deny
 Deny from all
 Allow from "localhost/myWebsiteFolder/*.*"
</FilesMatch>

The file becomes restricted but I can’t access it from another file…

I’ve trying with another example and I get similar results.

Sebastian Simon
  • 18,263
  • 7
  • 55
  • 75
user2776893
  • 3
  • 5
  • 2
    This can't be done... HTTP is stateless and doesn't care where it is being called from. You could check the refer header but than can be spoofed. – Joe Doherty Mar 04 '16 at 14:37
  • 1
    I am curious on what `allow access from a .js file` means here. – apokryfos Mar 04 '16 at 14:49
  • Related questions: [htaccess - Deny access to folder but allow access to file via php](http://stackoverflow.com/questions/26742510/htaccess-deny-access-to-folder-but-allow-access-to-file-via-index-php?rq=1) and [deny direct access to a folder and file by htaccess](http://stackoverflow.com/questions/9282124/deny-direct-access-to-a-folder-and-file-by-htaccess?rq=1) – Yogi Mar 04 '16 at 15:54

0 Answers0