Python CGI how to save requested information securely?

Question

I have a web page that uses a Python cgi script to store requested information for later retrieval by me. As an example, the web page has a text box that asks "What is your name?" When the user inputs his name and hits the submit button, the web page calls the Python cgi script which writes the user's name to mytextfile.txt on the web site. The problem is that if anyone goes to www.mydomain.com/mytextfile.txt, they can see all of the information written to the text file. Is there a solution to this? Or am I using the wrong tool? Thanks for your time.

score 2 · Accepted Answer · answered Jun 16 '11 at 11:32

2

Definitely the wrong tool. Multiple times.

Store the file outside of the document root.
Store a key to the file in the user's session.
Use a web framework.
Use WSGI.

answered Jun 16 '11 at 11:32

Ignacio Vazquez-Abrams

776,304
153
1,341
1,358

score 0 · Answer 2 · answered Jun 16 '11 at 11:32

0

Store it outside the document root.

answered Jun 16 '11 at 11:32

ThiefMaster

310,957
84
592
636

Python CGI how to save requested information securely?

2 Answers2