07-10-2012, 06:41 PM
I have an application (in ColdFusion) that will re-create or re-index a Solr collection, when run, and I'm using .txt files to keep a history of when the app was run and what type (re-create or re-index) as well as the IP address of whomever ran it. Due to security reasons, I cannot keep these files where they can be accessed via browser, so I figure the best place to write them to is in the same directory where the server keeps its logs.
07-10-2012, 08:05 PM
??? Makes no sense to use JS for this. JS is running in a browser in somebody's laptop in an airplane flying over Iceland. Your server is located in a web farm in Arizona. Even if this was possible, don't you think that allowing JS to see the server's disk layout is a bigger security risk than having the logs in the same directory?
ColdFusion runs on the server. Use CF code to find the logs, not JS.
Or here's a sneaky trick: Instead of keeping the log in a ".txt" file, keep it in a CF file. And have the first line in that file be a CF statement that redirects immediately to, say, google.com. So even if somebody accidentally discovers the file, by name, when they try to load it the CF processor will see that first line and send them off to Google.
Also, I don't know what ISP you are using, but *MOST* ISPs will give you a directory that can *NOT* be read from the web but can be read by the server-side scripts.
If you have your own server, this is easy to set up, also.
07-10-2012, 08:25 PM
I am working a job that requires a security clearance, and have no control over the permissions on folders. They don't give folders outside of the webroot to use, plus the fact that development is on Windows but the publicly accessible pages are on Unix, so a dynamic determination of the log folder would be the best scenario for what I am proposing. And I know JS isn't the BEST way to do it, I was just curious if it were possible. I'll keep looking for a CF solution.
From one Heinlein fan to another, thank you. :)
07-10-2012, 09:16 PM
But I would be willing to bet that your CF code then does *NOT* have permission to write to the OS log folder! Heck, even on the dedicated server we use our web code has no permissions to the OS folders, AT ALL. You said "They don't give folders outside of the webroot to use" so I'd give you some fairly nice odds that the OS log file folders are *DEFINITELY* verboten for web use!
Look at my suggested hack: If the file you use to keep the history in is itself a CF file and if it has that REDIRECT as the first thing in the CF code (that is, before the history, per se, starts) that should work just fine!