Re: Confusion on HTML visibility
- From: Sig <ivanlid@xxxxxxxxxxx>
- Date: Fri, 4 Jan 2008 20:54:37 -0800
On Fri, 4 Jan 2008 10:14:25 +0000 Toby A Inkster said
Sig wrote:
You overlooked what I said about the session variable. Perhaps I should
have mentioned that the session variable is set under password control
on a previous page.
No, I did not. The session variable is simply a cookie as far as my
browser is concerned.
If I've acquired this cookie -- and we can assume that I have, given that
I've seen the image via an <img> tag (that's the entire premise of this
thread) -- then my browser can (and by default will!) send the cookie when
making a direct request for the image.
OK, I now see that our disagreement is philosophical rather than technical. If
we hold the world constant (including session variables) you are correct. If we
want a way to hide an image from unauthorized viewers, then I am correct.
I don't say I solved the OP's problem, he did say
To put
it another way, is there a method to allow an HTML script in the document
root to see and image (or file or whatever) and still prevent access to
that resource?
I think my approach does that. He said nothing about holding the world
constant, and I assumed it was unauthorized viewers he wanted to prevent.
--
http://koiclubsandiego.org/comment/?r=8
.
- References:
- Re: Confusion on HTML visibility
- From: Toby A Inkster
- Re: Confusion on HTML visibility
- From: Sig
- Re: Confusion on HTML visibility
- From: Toby A Inkster
- Re: Confusion on HTML visibility
- Prev by Date: Re: Update to my old 3 column layout template
- Next by Date: Re: Breaking in IE6
- Previous by thread: Re: Confusion on HTML visibility
- Next by thread: Re: Netscape Browser Will No Longer Be Supported
- Index(es):
Relevant Pages
|
Loading
