views:

16

answers:

1

I have a directory "AJAX" that has all my well AJAX content it is unformatted and ugly if you hit the pages directly. How do I stop someone from hitting http://www.site.com/AJAX/page1.php with the .htaccess file?

A: 

You don't really want to use .htaccess to block access to the content since you still need to be able to access this content from your application.

If you feel it's that important to keep people from directly loading this content you can route all traffic through a single php page like:

http://www.site.com/ajax.php?content=page1

and then in ajax.php you can restrict access to this content to only HTTP post and possibly through other means, like unique tokens. Like in the referring page create a unique token 123 and then use the url:

http://www.site.com/ajax.php?content=page1&token=123

and only serve the file if the token is still cached in memory.

While this will work, I don't see the point. If someone wants to load that page, who cares. You can't prevent them from accessing the content since you need it to run your application--they can always get it from browser cache or using a local http proxy.

Sam
Honestly I dont care. my boss does. The pages when viewed directly are unstyled and "unsightly" they get the css when they are brought in to the main page via jqeury .load. I know I could style them but he wants it this way. Ive tried passing a var to them, and I can get it to go to a 403 when hit directly but this also doesn't let them load in the main page using this on the main page <?php $_POST['foo'];?> and this on the individual pages <?php if(!isset($_Post['foo'])) header('Location:403.php')'?> is there something wrong with it?
Dirty Bird Design