[imp] Fwd: Word viewerfix?? info
Eric Rostetter
eric.rostetter at physics.utexas.edu
Wed Feb 12 15:25:05 PST 2003
Quoting Ian Miller <imiller at bsd.uchicago.edu>:
> I know this has been brought up before but I thought I would ask anyways
> did anyone come up with a fix for the word viewer to see images in word doc
> attachments?
Please realize that doing this is dangerous. I make no guarantee about
what follows.
The basic idea is wvware writes the image file to /tmp, but the web server
doesn't have access to /tmp (for good reason). I think more recent versions
of wvware allow you to pick another location instead of /tmp and doing so
would be highly recommended. Make sure if you do, you make the new location
writable by your web server user, not inside any important/sensitive areas,
and of course change any references below to /tmp to the new location.
So anyway, you can make your images show up by using the following in your
apache httpd.conf file. Assumes apache, mod_rewrite, and /tmp as the
location of the image files. Restart apache after making the changes...
# Rewrite mswordview images to a valid address, and reject anything else
# in /tmp directory. We assume no important images will ever be in /tmp so
# we let them access (only) images from there...
RewriteEngine on
RewriteRule ^/tmp/msword([a-zA-Z0-9]+)\.(png|jpg|gif|pict|wmf)$ - [L]
RewriteRule ^/tmp/.* - [F,L]
# Handle msword /tmp files
Alias /tmp /tmp/
<Directory "/tmp">
Options None
AllowOverride None
Order allow,deny
Allow from all
</Directory>
Basically it says:
* Turn on the rewrite engine (though we never actually rewrite anything).
* Allow through unchanged references to wvware image files
* Reject anything else starting with /tmp/
* Map the /tmp url to the /tmp directory (rather than <documentroot>/tmp)
* For the /tmp directory, allow access, but nothing fancy...
The above should make your word images show up, and not allow retrieving
anything except wvware images from the /tmp directory. Note: It will allow
anyone to retrieve any one elses images, if they know or can guess the file
names. So don't use this if you have sensitive data in your image files!
--
Eric Rostetter
The Department of Physics
The University of Texas at Austin
Why get even? Get odd!
More information about the imp
mailing list