At present, I start up red5 in linux command line ./red5.sh and it runs the script. Then I go to http://localhost:5080 demos page to set up my camera and audio input and all works fine in testing the stream both on demo page and in swf of my webpage.
Question is, do I need to include some java and/or action script for the swf player to
bypass the red5 demo page so I can directly connect my input and stream in the code of the page? Also so only logged in webpage viewers can connect?
Overall wondering if there is a way of hiding the server stream from anyone not logged in to view it on my site? I understand in webapps folder somewhere there is the hosts list of IP but it would be impossible to know the IP of the viewers as opposed to unwanted viewers or bandwidth stealers.
I am trying to set up a site for poetry readings and make it so readers can record live to my server and then logged in viewers can view from my website. I am trying to figure out whether I must have that red5 page open and if that doesn't pose some kind of risk.
Found my own way of doing this just by removing and renaming files and folders.
If you go to usr/local/red5/webapps here lies all the directories for viewing when you go to default port 5080 so I simply installed the applications I needed and then took everything out of there except those applications I wanted and needed to run. I took out all and placed it in a folder in /var directory named it red5_movedstuff in case I want access to further applications later on.Then I renamed the applications I am using in webapps folder and kept admin folder to access them but I renamed my applications and had to importantly rename also in WEB-INF for each application name change.
Now if someone goes to myip:5080 they get a blank page and by changing names of applications I've hidden my directories beyond that including list of streams.
Related
After thinking about this for 2 weeks, I have to ask this question.
I've created a NW.js app that works smoothly and nice on 7 different laptops and PCs. The app shows html videos and contains a bunch of javascripts, I've got deloped since 2 years. Alls this works fine on every laptop/PC.
Here comes the problem:
On one laptop the app works, too, but the app isn't able neither to show HTML frame contents nor to execute js scripts from a specific web domain. This only occurs with a specific domain (that I'm the owner of).
The strange thing is, that this happens only on one laptop.
The laptop uses the same internet connection as some other devices. I reinstalled the app, deleted all subfolders from the app folder, but the error is back. In the frame I see the silly message, that the website is down or moved.
You likely have a system-wide proxy configured or possibly some AV software installed on that laptop is blocking that site. Attempt to access the same URL through another browser (Chrome, Edge, Firefox, etc.) to confirm.
Could be related to your hosts file.
C:\Windows\System32\drivers\etc\hosts
That is a plain text file without an extension. You can put URL's or IP addresses in it and it will block any access to them globally on the computer.
Though Sysrage is probably right, it's more likely that you just have some AV/firewall/security software blocking stuff it shouldn't (happens all the time, they can be "over protective" sometimes)
If it is something related to your NW.js install, and it isn't happening on other machines (so you know your app code is correct), then you could try deleting the app data folder for you app. To find it's location on the computer run console.log(nw.App.dataPath). It should be something like:
C:\Users\YOUR USER NAME\AppData\Local\YOUR APP NAME
You can just delete the whole folder (make sure your app isn't running first). Then the next time you open your app it will recreate that folder (it's a chromium thing). Things like saved passwords or dev tool customization or spellcheck dictionary modifications are stored in there. So maybe there's just something funky that needs cleared out.
I have apache VM web app running locally. It's red hat.
It's PHP based but the main page is index.html. I am able to to into sub-directories for images and such, I wanted to know if it is possible for me to gain access to the directories that contain the php code, probably just one level above the images directory. Because of index.html, it forces the load, and I am unable to see server files.
Yes there used to be a trick called dot-dot-traversal that could do this. Basically you put two dots into a URL and climb above the web root. Something like http://www.example.com/../../../../etc/shadow . Occasionally a new way to exploit the vulnerability is discovered, but mostly it is rare. Unless you're running an old server, you should be pretty safe.
I have a PHP application running on a Micrisoft IIS 7 server. The application shows PDF files on an iFrame, which contains user's sensitive data that I wouldn't like to be directly accessed by anyone that knows the file address.
So basically, I'm looking for a way to protect files from direct browser access or download, but still be able to show it on the application's iFrame.
I made some research with Rewrite rules, but since the "HTTP_REFERER" of an iFrame is empty, I couldn't find a good solution
Any suggestions for this?
Thanks in advance
Without seeing any of your code, or how your application works, I can only give suggestions based on how I think your app works.
Rather than showing the files themselves, with links directly to those files, you should consider changing your application so that the PHP reads in the directory, displays the file names (however you want them to appear), with links that go to a download.php page. The download page (after checking whether the user has permission to download the file) then loads the file into memory and serves it out as a response (with appropriate Content-Disposition and Content-Type headers).
Since your PHP application can read files directly within the web directory, you can set up rewrite rules to prevent accessing those files from the web; that way, the files can only be accessed by the PHP application, which doesn't rely on rewrite rules to access the drive.
This is how places like Source Forge can display an advertisement with a countdown that your file download will begin in 5 seconds.
Is it possible for a website to automatically find a folder on usb stick and upload all the files in it to the web server by clicking only one button?
The problem is that I don't know how to make upload form automatically detect usb stick as the drive name(ie. G:, F:, etc) may vary from computer to computer, so hard coding path is not possible.
Ps. I'm using yii framework for site development, but can add a new page that will handle this in any other language as the client really wants this feature.
Web sites are not allowed to set default files to upload (it's a major security risk!). Also, web sites cannot scan the hard drive/enumerate what file systems exist on a system, again, for security purposes.
It might be possibly to do this with Flash/Silverlight/Java. Java seems the most likely to allow a web developer to do this (Java plugin seems to be quite willing to give out every permission under the Sun).
Short answer: No.
Long answer: Allowing automatic uploads in web browsers would be a huge security hole so the browsers intentionally prevent it. Even if you manage to find a hole that permits it, the browser makers will break it as soon as they find out.
However, if you have an environment where an actual separate program can be installed on the end user's computer you could easily write a program to do automated uploads of specified directories when launched.
I have created a web application in that application i have added two folder. one is admin folder and under admin i have added a upload folder. In upload folder i have three different audio's. And also i have imported DLL for Windows media player. Through this media player im able to play the audios in local host.
By giving Direct path like MediaPlayer1.Filename="C:\User\sam\waka.mp3"
But when i host the website im getting problem the page is getting refreshed but the audio is not getting played.
I have tried this path Server.Mappath(".\.\upload\waka.mp3")
and Server.Mappath("~\admin\upload\waka.mp3)
the above both paths are not working when i host the website please reply.
It's still a bit unclear, but it sounds like there's some kind of audio player in your website (an ActiveX control or something?) that's trying to reference a path on the server as though it were on the client that's loading the page. Naturally, this will work on your development machine because the client and the server are the same thing.
What's actually being rendered on the client side? What happens if you reference the audio file by its URL rather than its file system path?
Or are you trying to do something different than what I describe? Are you actually trying to play the audio on the server when the client accesses the site?