Jump to content

ASP Pee-Wee

  • Posts

  • Joined

  • Last visited

ASP Pee-Wee's Achievements


Newbie (1/7)



  1. Dear W3Schools,Hi, I have built a form input page in HTML thathas an action to post to an ASP handler/processor.asp file. The form handler/processor .asp filecontains only <% Insert VBScript Here %> and noHTML output whatsoever.The .asp file was never intended to be a"web viewable" .asp file like an .asp home pagefile or html file would. It's supposed to befor my eyes only- not the public's howeverit does need to take info posted by the publicand do something with it on it's end.I have used VBScript/ASP3.0 to build the formhandler/processor file and would like to know howto keep someone from viewing the actual VBScriptin the handler/processor .asp file. I am aware ofobfuscation but I would like to know how to keepprying eyes from even being able to take a lookat the obfuscated code in the handler/processorfile.I realize that the server executes the .asp filefirst before outputting anything to the browser soI guess that my main concern is mostly that someonemay could "download" the form handler/processor .asp file,then view it's contents on their machine.Assuming the form handler .asp file is where it is,behind the root, and is on a windows server(no htaccess approach) how could one protect it so thatit could never be viewed or simply pulled down viaanonymous ftp or something like that?Is there something like "script only" permissions thatthe system administrator could set up for a particularfolder? Remember, with shared hosting I can't go abovethe root. If so, would the form still be able to post?How would any of you guys go about protecting theasp file in addition to obfuscation? Any help wouldbe greatly appreciated.Thanks,
  • Create New...