How to prevent external users from viewing document files

I created an online system that allows users to download PDF files using ColdFusion. Users must be logged in before downloading files (PDF and Microsoft Office documents). (This application is intended only for employees of our company.)

However, only today I learned that anyone with Internet access can view the files. With just certain keywords, such as "Medical form myCompanyName" in a Google search, they can view the PDF files in a browser.

How can I prevent this?

UPDATE
Here is my problem. I created a folder for all the PDF files. Each file is called using an ID from the database. If we say the user wanted to view the medical form, the link would be as follows: http://myApplication.myCompanyName/forms.cfm?Department=Account&filesID=001

If the user copies this URL and logs out, he/she will not be able to view this file (the login page will be displayed).

However, without a URL, other Internet users can view the PDF files just by browsing to them over the network, and the search engine will provide a link that points to the folder itself, without having to log in.

Example: a medical PDF form file is stored in a folder called Document. When an Internet user searches for a medical form, the search engine will link to: http://myApplication.myCompanyName/Document/Medical%20Form.pdf

We have many PDF files in this folder and most of them are confidential and for internal viewing only. In PHP, we can disable this using .htaccess. I would like to know if there is anything like this for ColdFusion?

+4
4 answers

You can send files through code with a single line like this:

 <cfif isAuthorized>
     <cfcontent file="/path/to/files/outside/of/web/root/Form.pdf" type="application/pdf" reset="true" />
 </cfif>

ColdFusion FTW, right?

Please note that serving large files (for example, 100 MB+) may cause problems, since the files are loaded into RAM before being sent. It seems that this is no longer the case, as Mike explains.

Another option is to use a content type like x-application if you want to force the download.

UPD

You want to put this code in a file (say file.cfm) and use it for the PDF links. Something like this:

 <a href="file.cfm?filename=Xyz.pdf">Download file Xyz.pdf</a> 

file.cfm:

 <!--- with trailing slash --->
 <cfset basePath = "/path/to/files/outside/of/web/root/" />
 <!--- isAuthorized and isFile() are assumed to be defined by the application;
       the GetDirectoryFromPath() comparison rejects any filename that resolves outside basePath (e.g. "../") --->
 <cfif isAuthorized
       AND StructKeyExists(url, "filename")
       AND FileExists(basePath & url.filename)
       AND isFile(basePath & url.filename)
       AND GetDirectoryFromPath(basePath & url.filename) EQ basePath>
     <cfcontent file="#basePath##url.filename#" type="application/pdf" reset="true" />
 <cfelse>
     <cfoutput>File not found, or you are not authorized to see it</cfoutput>
 </cfif>

UPD2

Added GetDirectoryFromPath(basePath & url.filename) EQ basePath as a simple and quick protection against the security problem mentioned.

Personally, I usually use the ID/database approach, although this answer was originally intended as a simple guide, not a truly comprehensive solution.

+5
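The ID/database approach mentioned in the answer above (and the "store the files outside the web root" advice in the next one), written out as an added CFML example; this is not code from any of the answers. It assumes an Application.cfc with session management enabled, a login page that sets session.userID, a datasource named myDSN, and `documents` and `userDepartments` tables with the columns used below.

```cfml
<!--- download.cfm: serve a document by database ID only. The browser never supplies a
      filename, so there is no path to validate, and the files live outside the web root
      so a search engine cannot crawl them directly. --->
<cfparam name="url.fileID" type="integer" />

<!--- storage directory outside the web root, with trailing slash --->
<cfset basePath = "/website/pdf/" />

<!--- session.userID is assumed to be set by the application's login page --->
<cfif NOT StructKeyExists(session, "userID")>
    <cflocation url="login.cfm" addtoken="false" />
</cfif>

<!--- Look up the stored name and MIME type, and enforce authorization in the same query:
      a row comes back only if the user belongs to the document's department. --->
<cfquery name="doc" datasource="myDSN">
    SELECT d.storedName, d.displayName, d.mimeType
    FROM documents d
    JOIN userDepartments ud ON ud.department = d.department
    WHERE d.fileID = <cfqueryparam value="#url.fileID#" cfsqltype="cf_sql_integer" />
      AND ud.userID = <cfqueryparam value="#session.userID#" cfsqltype="cf_sql_integer" />
</cfquery>

<!--- Same response for "no such file" and "not yours", so IDs cannot be distinguished
      by the response text. --->
<cfif doc.recordCount NEQ 1 OR NOT FileExists(basePath & doc.storedName)>
    <cfheader statuscode="404" statustext="Not Found" />
    <cfoutput>File not found, or you are not authorized to see it</cfoutput>
    <cfabort />
</cfif>

<!--- storedName is assigned by the application at upload time (e.g. a UUID), never by
      the user; displayName is only used for the download prompt. --->
<cfheader name="Content-Disposition" value="attachment; filename=""#doc.displayName#""" />
<cfheader name="Cache-Control" value="private, no-store" />
<cfcontent file="#basePath##doc.storedName#" type="#doc.mimeType#" reset="true" />
```

Links then look like download.cfm?fileID=123, and a copied link still goes through the login and department checks on every request.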

You need to store your PDFs outside your web root.

So let's say the base of your web application is

 /website/www

All HTTP (web) requests are served from there.

 /website/pdf

can be where all the PDF files are stored. This path is not reachable through a URL because it is not served by your web server.

Then in www you have something like

 downloadpdf.cfm?file=NameOfPDF.pdf

which does your checks to make sure it is the right user, and if so serves the document:

 <!--- url.file must be validated first (e.g. reject anything containing a path separator), otherwise "../" escapes /website/pdf --->
 <cfcontent type="application/pdf" file="/website/pdf/#url.file#" />
+4

Using cfcontent pre-CF8 is a really bad idea, as it loads the entire file into memory before transferring it. CF8 and later actually stream from disk, which eliminates the memory problem. However, if you have large files, users on slow connections and/or heavy download volumes, you still have to worry about thread starvation. Each download using cfcontent ties up a thread for the duration of the download.

Depending on your web server, you can get around this using the X-Sendfile extension. This lets you send an HTTP header with a file path outside your web root and have your web server handle sending the file, freeing CF for further work.

Here's a Ben Nadel article on using mod_xsendfile on Apache: http://www.bennadel.com/blog/2170-Streaming-Secure-Files-Efficiently-With-ColdFusion-And-MOD-XSendFile.htm and here is the equivalent IIS7 XSendFile plugin: https://github.com/stakach/IIS-X-Sendfile-plugin

+4

You can check the code snippet for the CFWheels SendFile() helper: http://cfwheels.org/docs/1-1/function/sendfile

https://gist.github.com/1528113

0

Source: https://habr.com/ru/post/1388253/

