Prevent direct access to htm files, allow access through <frame> tags

29 Views Asked by Nijn At 24 January 2023 at 12:18

I'm working with an older web application that uses the HTML4 <frame> tag to insert the navbar, content etc. in the index.php file.

I want to allow the <frame> tag to load these files, but to prevent direct access to these .htm files.

It's not possible to change any of these .htm files as they are build automatically next time the application is updated with input. So it has to be done through .htaccess I assume.

I've tried to work with the following code, but this blocks the .htm files loading into the <frame> tag:

RewriteEngine on 
RewriteCond %{HTTP_REFERER} !^https://(www\.)?domain [NC] 
RewriteCond %{HTTP_REFERER} !^https://(www\.)?domain.*$ [NC] 
RewriteRule \.(htm)$ - [F]

Frame tag section:

<frameset>
   <frame src="index.htm">
</frameset>

Original Q&A

There are 1 best solutions below

Nijn On 24 January 2023 at 14:10

Rewrote the condition to check on to the referrer (index.php).

RewriteCond %{HTTP_REFERER} !^https://example.com/index.php$ [NC] 
RewriteRule \.(htm)$ - [F]

Thanks to CBroe for clearing my mind.

Prevent direct access to htm files, allow access through <frame> tags

There are 1 best solutions below

Related Questions in .HTACCESS

Related Questions in HTML4

Trending Questions

Popular # Hahtags

Popular Questions