tags:

views:

8

answers:

1
+1  Q: 

Apache need to bypass .PDF files in here

Ok, I'm not fluent in Apache...

I have a .htaccess file setup like so:

<Files *>
    Order Deny,Allow
    Deny from all
    Allow from localhost
</Files>

RemoveHandler .php .php3 .phtml .cgi .fcgi .pl .fpl .shtml

The Problem is I am needing to use .pdf files to link to a URL like so within this directory:

<iframe name="FRAME2" src="http://docs.google.com/viewer?url=URLTOFILE.pdf&amp;reqTime=1271316295&amp;embedded=true" width="500" height="280" frameborder="1"></iframe>

So the PDF file never gets displayed/embedded as it should within the page. If I remove all lines from the .htaccess file it WORKS PERFECTLY. However, I'm guessing that that is in there for security reasons. So, is there anyway to bypass PDF files only, so that they are allowed from ALL or a way to allow it only for the google URL in here?

Please help...arggg

And before anyone asks, "URLTOFILE.pdf" is actually pointing to a VALID PDF file on my server within the same folder that the .htaccess file is located in.

Thanks :)

A:  
<Files *.PDF>
    Order Allow, Deny
    Allow from all
</Files>


<Files *>
    Order Deny,Allow
    Deny from all
    Allow from localhost
</Files>

These directive apply in the order they are specified. So, first, allow access to PDF files, and then deny everything not caught.

Borealid  2010-08-06 04:38:17
No, this is not working, changed my .htaccess file so that it says this and than the `RemoveHandler` code at the end of it all and still not working. Says: "Sorry, we are unable to retrieve the document for viewing." ARGGG! Any other suggestions? Because like I said, if I completely remove all lines of text in the .htaccess file it works fine.
SoLoGHoST  2010-08-06 04:44:30
Are you sure you got the case sensitivity right? Look in the Apache request logs to see what was actually requested. It's also possible that the Google Docs viewer is caching something.Test access with a real web browser. If you can read the file directly, the rules are working. It's also possible I got the clause order backwards, and it should be "deny everything, then allow PDF files". I can never remember.
Borealid  2010-08-06 04:46:08
Yes, I am testing in a real browser, and am clearing my cache and cookies, and history before testing each time.
SoLoGHoST  2010-08-06 04:49:47
Still not working when I change the order of the <Files> tags.
SoLoGHoST  2010-08-06 04:52:09
I can't access the apache request logs, using a sub-domain. And like I said, if I remove just the <Files *> Apache Tags, all works fine. But I still can't understand why PDF files don't get displayed unless I remove the <Files> Tags... argg. Can't you just place an ip address or something next to `localhost` to ALLOW something else besides `localhost`. I've tried http://docs.google.com, though doesn't work either.
SoLoGHoST  2010-08-06 05:00:27
Your changed code isn't working either, and switched the order around also, and is still not working. Thanks anyways :(
SoLoGHoST  2010-08-06 05:17:24

related questions

How do I add a MIME type to .htaccess?
Difference between the Apache HTTP Server and Apache Tomcat?
How do I support SSL Client Certificate authentication?
Why can't I connect to my CAS server with Perl's AuthCAS?
Cleanest & Fastest server setup for Django
Installing Apache Web Server on 64 Bit Mac
Running Apache alongside another web server?
Algorithm behind MD5Crypt
Can you compile Apache HTTP Server and redeploy its binaries to a different location ?
mod_rewrite rule to redirect all requests except for one specific path
How do I create a self signed SSL certificate to use while testing a web app.
Software for Webserver Log Analysis?
What is the difference between an endpoint, a service, and a port when working with webservices?
What are the proper permissions for an upload folder with PHP/Apache?
mod_rewrite to alias one file suffix type to another
How do you redirect HTTPS to HTTP?
Using mod_rewrite to Mimic SSL Virtual Hosts?
User authentication on Resin webserver
How do you set up Python scripts to work in Apache 2.0?
Block user access to internals of a site using HTTP_REFERER
.htaccess directives to *not* redirect certain URLs
How can I get the authenticated user name under Apache using plain HTTP authentication and PHP?
Make XAMPP/Apache serve file outside of htdocs
Apache/PHP: error_log per Virtual Host?
How do I track file downloads with apache/PHP