0

I want to display the report(pdf) which was available in the webpath assume (http://myservre/reports/myrepoft.pdf). Currently, It was being displayed via IFrame like this.

strReportPDFFile = "`http://myservre/reports/myrepoft.pdf`"

<IFRAME frameborder="1" onload="onchangestate()" src="" id="ifrmShowReport" frameborder="0" height="100%" width="100%" marginwidth="0"    align="top" style="overflow: none;overflow-x: auto;display:none"></IFRAME>

document.getElementById("formContainer").style.display = "block";
document.getElementById("ifrmShowReport").style.display = "block";
document.getElementById("ifrmShowReport").src = strReportPDFFile;

The URL was displaying in the address bar which I want to hide URL. Is it possible ? If not, please suggest some better alternative.

Smaug
  • 2,625
  • 5
  • 28
  • 44
  • I guess it depends on *why* would you want to hide it? – Blachshma Feb 05 '13 at 15:13
  • 7
    What for? So nobody can steal it? It's trivial to find out even if you hide it in an iframe. The browser will have to have *some* URL so it can fetch the document – Pekka Feb 05 '13 at 15:14
  • My customer says it was potential thread. so we want to hide it – Smaug Feb 05 '13 at 15:17
  • 3
    Tell your customer that he's an idiot. :P Seriously, the only reason to do that is maybe because it would look nicer? Don't know. – freakish Feb 05 '13 at 15:17
  • It's not a threat. They probably just want to limit the number of downloads. You can for instance create a temp filename which only can be downloaded X times and the only way to get a generated file is to be logged in. – jgauffin Feb 05 '13 at 15:20
  • can you give me a sample ? – Smaug Feb 05 '13 at 15:26

1 Answers1

1

I argue that the main reason of your question (hiding the URL of the PDF file) is for security issues. E.g. you have some PDF files on your server that have to be sent and read only from intended audience and not from everybody.

I give you some basic hints on how to realize this intent:

  • place the PDF files out of the public root of your webserver
  • realize a server side script that:
    • check is the user is authenticated and have the grant to get the file
    • get some parmeters to retrieve the correct file
    • serve the file with this server side script content-disposition (as attachment, sending the correct Mime-Type and a "ficticious" URL)

Since you put C# in your question tags i address you on Add a content-disposition to the header with C#: Response.AddHeader("content-disposition", @"attachment;filename=""MyFile.pdf""");

Then you can display your pdf wherever u wish: blank page, iframe ... It is sure you'll not find a solution just working with HTML/Javascript, not one of those easly to avoid for a medium level internet user.

kante
  • 229
  • 1
  • 4
  • 13
  • Here's a full detailed desc on how to read and dispose a file in .NET: http://stackoverflow.com/questions/3889521/response-addheadercontent-disposition-not-opening-file-in-ie6 – kante Feb 05 '13 at 15:47