隐藏私有 URL 的实践方法是什么? [英] What is a practice approach to hide the private URL?
问题描述
我还没有找到解决这个问题的好方法,希望有人已经做过类似的事情.
I haven't found a good solution to this problem and hope somebody has already done something similar.
我编写了一个 javascript 程序来加载存储在我的服务器上的图像列表,但我不希望用户知道我的图像目录.
I wrote a javascript program to load a list of images stored on my server, but I don't want a user to know the directory of my images.
var img1 = new Image();
img1.src = "my_img_directory/img1.png";
var img2 = new Image();
img1.src = "my_img_directory/img2.png";
在这个例子中,用户将知道我在我的网络服务器上存储 img1 和 img2 的位置.有没有办法阻止他们看到 URL?
In this example, the user will know where I store img1 and img2 on my webserver. Is there a way to prevent them from seeing the URL?
我正在考虑用一些随机字符串替换 URL.例如,我可以这样做:
I am thinking about replace the URL with some random string. For example, I can do something like this:
var img1 = new Image();
img1.src = decode_URL("auiopjlnad103k");
但是我仍然必须用绝对路径映射该随机字符串.用户可以查看 decode_URL 如何将随机字符串转换为绝对 URL.
But then I still have to map that random string with an absolute path. A user can look at how decode_URL translates the random string to the absolute URL.
如果在客户端解密随机字符串,用户将找出私钥并能够找出 URL.
If decrypt the random string on the client, a user will figure out a private key and be able to figure out the URL.
看来我已经没有主意了.这是不能单独在客户端完成的事情吗?任何提示或帮助将不胜感激!
Look like I ran out of idea. Is this something that can't be done on client-side alone? Any tip or help will be greatly appreciate!
谢谢.
推荐答案
没有什么能阻止人们在 Firebug 等工具中简单地嗅探传入的 HTML 并查看与服务器的整个对话.
There is nothing stopping people from simply sniffing the incoming HTML in a tool like Firebug and seeing the entire conversation with your server.
另一种方法是让代理通过发送一个mine header 并从服务器端代码流式传输图像内容来发送图像.然后图像看起来像是来自 imageserver.php?id=349857348975
或其他东西.
One alternative it to have a proxy send out the images by sending out a mine header and streaming the image contents from server-side code. Then images look like they're coming from imageserver.php?id=349857348975
or something.
您将在 HTML 中使用:<img src="imageserver.php?id=349857348975"/>
You'd use: <img src="imageserver.php?id=349857348975" />
in your HTML
这篇关于隐藏私有 URL 的实践方法是什么?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!