Hi, I am using a WYSIWYG editor in a backend "cms". The editor is partly created using javascript. I am slightly concerned that the editor can be called from an external site using an absolute url to the original site. Is it possible to block the use of these files unless the call to them is made from within the original url? If so how would I do it? Can I do it from within my htaccess file, if so, how? Perhaps there is another way. I know I can change the name of the file/folder to something nobody would guess, but I would still prefer to do it more professionally.
Reply With Quote
Bookmarks