Is it possible to create a download link for a file on another site and change the file name? Can it be done without proxying it through my server? I'd like to achieve it without any additional bandwidth cost if possible.
EDIT:
Just an idea but can it be achieved with a flash downloader of sorts?
You could fake it using a header redirect header("Location:http://....."); but the download process will probably show the real URL nevertheless - will depend on the client.
There is the Content-Location header but according to this blog post, it is used to specify an alternative location for the same content about to be received here, which makes it useless as a redirection tool.
The only other way I know is indeed through proxying.
Related
I'm trying to build a basic web application using the Dropbox API. I have the file upload/folder listing etc. working but cannot find in the documentation how to force the file to download to the user's browser. Is this possible?
If it is can someone point me in the right direction? I'm using the standard PHP SDK.
Dropbox.com: How do I force a file to download from the web
Force a file or folder to download
To cause the browser to download a file or folder rather than display
it, you can use dl=1 as a query parameter in your URL. For example:
https://www.dropbox.com/s/qmocfrco2t0d28o/Fluffbeast.docx?dl=1 Note
that the original share link URL may contain query string parameters
already (e.g. dl=0), so app developers should make sure to properly
parse the URL and add or modify parameters as needed.
And if that doesn't suffice you can check Wikihow: How to Force a File to Download from the Web on Dropbox, with nice screenshots.
If this is not what you had in mind you have clarified that in your question. You still can do that now.
I am trying to develop a RESTFUL API call in PHP , where someone will send me a file through the URL to upload
something like:
script.php?file_name=text.txt
is there away I can take text.txt and upload it in PHP?
To clarify:
lets put it this way , what are the ways that a end user could send a file to a PHP program?
The problem with this is that the REST server is not aware of the end user's machine in any way. So, say for instance that your end user is at yoursite.com/upload where they fill out a form with the upload credentials which posts to api.yoursite.com/uploads/do or whatever. As far as the api is concerned, yoursite.com is making the request, not the end user.
So, no. In my opinion there is no safe way to do this. The best alternative would be to upload the file and then HTTP POST the contents to the rest server. That can be tricky if the file is much larger than a few kilobytes, and you would want to do all sorts of security checking before writing the file to the server. The other option would be to use yoursite.com to upload the file to a temporary location and then send some information to the rest server with details on out to CURL the file contents from the first server. Also, can be insecure.
What problem are you trying to solve? What language framework? Can you give more details please?
I have url where i host my webinars which is provided by webinar hosting provider. I would like to change that url to something within my domain.
For eg. The webinar url is something like
http://www.onlinemeetingnow.com/seminar/?id=d181a7640e
i would like to change it look something within my domain.
www.mywebsite.com/webinar
Is this possible?
The simplest way of doing this would be to create a PHP script at the desired URL that simply does a readfile () of the target URL. That would give the appearance that your site is hosting the remotely hosted content.
<?php
readfile ('http://www.onlinemeetingnow.com/seminar/?id=d181a7640e');
?>
This approach does require allow_url_fopen to be enabled, which it might not be for security reasons. It also has issues regarding such things as cookies, for example. Say you are using this trick to link to a remote site that requires a login and uses cookies to implement it, people who are logged into the remote site would appear not to be logged in, as their cookie wouldn't be sent to the remote site when you readfile () it.
You could use curl instead, as you have a bit more control, and it doesn't require allow_url_fopen. It still wouldn't be ideal though.
If you can configure your server, you could possibly use something like proxypass or URL rewriting to hide the remote URL.
Other solutions include using an iframe to display the remote site, or using AJAX to load the remote page's markup and inject into your page, but these approaches have their own set of issues that you need to take into account.
In the end, is it really worth the effort needed and the compromises you will have to make to just have the URL appear to be locally hosted when it isn't?
Maybe you want to create that page(s) on your own site and within that page you load the onlinemeetingnow url. This can be done with an iframe or such or you can get the html code from the page (with Curl or something) and than load that into your own page.
I have several programs linked and hosted on my server. I need to protect the URLs from being stolen and placed on other sites because they'll use my bandwidth.
How can I do that in PHP?
Should I just check referrer or do something else?
If you have the binary files on your server, and someone gets the address, you can't use PHP to prevent them from downloading them. You want to protect them at the web server level. Assuming you're using Apache, looking to doing this with custom .htaccess directives.
This question, involving the direct download of MP4 videos, may point you in the right directions:
Disable hot linking or direct download of my videos and only stream the video when it's displayed from a page in my website
If you don't want them downloaded/stolen, then don't put them on your site.
On the plus side, if they are stolen, then your bandwidth will only get used once. Checking referer is easiest to do, and also easiest to bypass/subvert.
If you're concerned that your server is only hosting the files but users who download it don't see where it comes from, you can do the following:
check for the referrer. This can be fooled, however, if you're concerned about links from forums etc., this is an option.
Basically you're checking if the HTTP referer header is set and matches your site's pattern. If not, you could block the traffic, however, if you actually want to offer downloads, I would not block the user.
Instead you can display a download facade-page with your site design and offering the download then. With some session logic, you can allow users to download files.
This can be done to build a much better hotlinking checker than based on http headers as well.
I have a two part question. The first I think I have an okay answer to....
I am looking to force an external program to be called up to view a configuration file for an application my company is working on. The basic gist I guess is to set the Content-type header to type that your application is associating with, and then serving the contents of the file. I was thinking its simply structured like this:
<?php
Header( "Content-type: application/blahtype" );
?>
output of xml configuration file goes here...
Any other best practices here? Obviously the user is going to have to allow the external application access to this file universally in all browsers, unless they have a plugin installed in their browser that will handle the content-type, like adobe pdf. This isn't viable for our company right now, so we're willing to live with the confirmation screen.
The second part of the question is a little bit more complex, I think. How do we detect if the user has the application installed, and if they do not, serve them different content (a sign up page, or the application executable itself)? I'm not wondering about the logistics of serving different content, but simply the detection process. Is it possible for an application to install a lifetime cookie in the browsers cache installed on the machine? That's not a perfect solution, because the user could clear their cache of course. How else can we accomplish this?
Examples of programs that do this are Amazon MP3 Downloader (I've actually gotten into a bad state with this once or twice), and iTunes U. You can see iTunes U example on Stanfords CS193P page here: http://www.stanford.edu/class/cs193p/cgi-bin/index.php
Much appreciate any advice,
Josh
For part 1 of your question, as long as your application is correctly registered to handle that MIME type, then, yes, the browser should [prompt the user and launch your application](http://msdn.microsoft.com/en-us/library/ms775148(VS.85).aspx "MSDN: Handling MIME Types in Internet Explorer").
An alternative approach would be a [protocol handler](http://msdn.microsoft.com/en-us/library/aa767914(VS.85).aspx "MSDN: Registering an Application to a URL Protocol"). Instead of registering a MIME type for your application, you register a “protocol” that goes in a URL, in place of the http://. If your protocol is called myapp, then you could create links like this:
Link
While you can only pass a small amount of information this way, you could pass a GUID or tag that the application, once launched, can use to retrieve the full document from your server.
Edit: For part 2 of your question, iTunes uses a plug-in. Looking at the code that’s used to redirect to iTunes, you’ll see something like this:
<Object id="iTunesDetector" height="1" classID="CLSID:D719897A-B07A-4C0C-AEA9-9B663A28DFCB" width="1"></Object>
It’s followed by some JavaScript to detect whether that plug-in was loaded. If it was, then iTunes must be installed and it launches iTunes using the itms: protocol (just like the myapp: protocol in the example above).
The problem here is, you would have to write a browser plug-in.
It may be a good idea to look into using browser extensions for things like this.