堆栈内存溢出
  简体   繁体   English

使用AS3从无法通过Web访问的服务器下载文件

[英]Using AS3 to download a file from a server that isn't web accessible

 原文  2012-08-01 10:16:31       php/ actionscript-3/ file

问题描述

I have managed to create an AS3 script that uses file.download(urlRequest); 我设法创建了一个使用file.download(urlRequest);的AS3脚本; - this is working fine when referencing a location that is web accessible. -引用可通过网络访问的位置时,此方法工作正常。 Is it possible to get flash to reference a location on the server it resides? 是否有可能使Flash引用其所在服务器上的某个位置? I want to make the files it has access to downloading as secure as possible. 我想使它可以下载的文件尽可能安全。

I realise that I can reference a PHP file in the AS3 to initiate the download but this isn't working when using a browser window within a Silverlight application so need the flash to do the downloading if possible. 我意识到我可以在AS3中引用一个PHP文件来启动下载,但是当在Silverlight应用程序中使用浏览器窗口时,此操作不起作用,因此,如果可能,需要使用Flash进行下载。

Any help is highly appreciated. 非常感谢您的帮助。

1 个解决方案

解决方案1
 0 已采纳  2012-08-01 10:30:01

Perhaps use an htaccess rule on the server? 也许在服务器上使用htaccess规则? If the request originates from a different host / server then respond with a 403 error. 如果请求来自其他主机/服务器,则响应403错误。 If the request is from the same host / server then download the file? 如果请求来自同一主机/服务器,则下载文件?

For example: 例如: 

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^www.your-site.com [NC]
RewriteRule .* - [F]

This is not the most secure method of preventing access, as referrer headers can be spoofed or disabled in browsers. 这不是阻止访问的最安全方法,因为可以在浏览器中欺骗或禁用引用标头。

Another idea: 另一个想法:

The url for the file is pushed through a php script. 该文件的网址通过php脚本推送。 If the ip address of the request is not in the database, then do not allow the file to be downloaded. 如果请求的IP地址不在数据库中,则不允许下载文件。 Use your flash to post a request to the server with an ip address (the server adds the ip to a whitelist in a database), then perform your file.download(urlRequest) ? 使用您的Flash发布到一个IP地址的服务器的请求(该服务器在数据库中增加了IP到白名单),然后执行您的file.download(urlRequest)

Again not the most secure as someone could post their ip, spoof their referrer header and THEN get the files... 同样不是最安全的,因为有人可以发布其IP,欺骗其引荐来源标头并随后获取文件...

Still, better than nothing. 尽管如此,总比没有好。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 PHP:使用基本身份验证从其他Web服务器下载文件吗? - PHP: Download file from different web server using basic authentication? Crontab不会使用PHP从FTP服务器下载文件 - Crontab won't download file from FTP server using PHP 从Web服务器文件夹下载Excel文件 - Download an Excel file from web server folder 使用 fopen 下载文件不适用于某些文件名 - Using fopen to download files isn't working with certain file names 无法从服务器下载pdf文件 - Can't download pdf file from server 如何使用PHP脚本从网站将WAV文件下载到本地服务器目录 - How to download a wav file from a web location to local server directory using PHP script 使用标头从服务器 php 下载文件 - Download file from server php using headers 使用mysql和PHP从服务器下载文件 - File download from server using mysql and PHP Laravel-使用Web服务器而不是PHP处理静态文件下载 - Laravel - Handle static file download using Web Server instead of PHP 如何不允许用户(或黑客)直接从Web服务器下载文件? - How to not allow users(or hackers) to download a file directly from web server?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM