Temporary, one-off URLs

philiprhoades · May 1, 2023, 11:45am

People,

I have a public Jekyll site where I would like to have some pages / directories more protected - I am thinking:

Trying to access a particular URL causes a pop-up box to request the person’s email address
The entered email address is checked against a list of authorised emails
For an authorised email address request, a one-off, encrypted URL is generated and emailed to the person

How to do this? Could the encrypted URLs be symlinks to the actual URL where the symlinks would get deleted after 24 hours or something?

Thanks,

Phil.

pcouy · May 1, 2023, 2:23pm

You wouldn’t be able to do that with Jekyll, which is a static site generator. This means that once generated, your site will stay the same until next build.

Doing what you described would require server-side code to be run for the login process and for sending emails. I don’t know how experienced you are with web technologies, but if you don’t know how to use server-side code, I recommend you look at a PHP tutorial, which should be a good starting point.

chuckhoupt · May 22, 2023, 11:40am

A fully static option might be to encrypt the secret portions of a page, and use Javascript’s Web Crypto API to decrypt based on a password provided by the user. Web Crypto info:

philiprhoades · May 25, 2023, 3:30pm

Chuck,

Ah interesting! I will have a look at that . .

Thanks!

Phil.

Topic		Replies	Views
Password protect pages by hashed permalink Help	3	4498	June 18, 2018
Support for fixed custom GET parameters as permalink	1	2054	August 6, 2017
Server side data leaking in directories Help	12	1648	March 28, 2017
Build for multiple sites Help	15	2772	November 8, 2018
Recent vulnerabilities in Jekyll and Jekyll dependencies Help	8	2744	January 16, 2019

Temporary, one-off URLs

Related Topics