I'm aware RTD has a commercial version which offers Private settings.
With that in mind, why is there a "Private" version option in the community?
Public can be seen by anyone, including search bots
Protected only shows through direct link
Private mode tells me I have no permission to access my docs.
However, RTD documentation states:
Private
Private objects are available only to people who have permissions to see them.
I'm working on something I want to make open source, but I'd rather keep it Private as I compose the documentation. However, I can't figure out how to give myself permissions to read the documentation in the Private version of the docs. I'm the maintainer, so I believe that's the most I can get.
What's the point of the Private Version setting, is it private at all or just hidden? Am I missing something?
Related
I recently created a webpage using Github pages. Since I don't have a paid account, the repository necessarily needs to be kept public. I'm okay with this, except for some .jpeg files which I would like to store in a different, private repository. When I did this and tried to provide a link to this file on the webpage, it didn't work.
Is there any way to do this?
You might consider a GitHub Actions like Deploy to GitHub Pages which introduces a build step workflow.
That step can have the necessary secret to access your private repository and fetch the .jpeg files you need to add them to the built repository.
But that means those files would be stored in the publication branch of your public repository.
From a public repository, you would not be able to just "add a link" to a private repository resource, without embedding in one way or another a secret token allowing you to access said private repository.
I will host a static site (just a few pages actually) on Netlify, a cloud hosting provider. It would be my notes and may have sensitive code and API keys. I want it set up so that only I can access this site from internet and no one else. How can I block access to the static site for others?
Alternately, if I do the same with with Github Pages, is it possible to restrict access there?
You need an access control mechanism to protect your notes.
If you are running the web server doing the hosting, most web server programs (Apache and nginx are the two most popular) have built-in access control mechanisms, see link given by Carsten H or see Access Control with Apache or How to Set Up Password Authentication with Nginx (Digital Ocean guide).
If you are using Github Pages, it is possible to do access control, but a bit more tricky. You can create a Github OAuth application and ask people to authenticate using your Github OAuth app. The app will ask for their username, and check if that username matches a list of allowed Github users (probably just your Github username). If the usernames match, static content is served up, otherwise the user is redirected to a 403 forbidden page.
Also see the github-heroku-attack-rabbits project page for details of how to create the Flask app mentioned above (using flask-dance to authenticate users via your Github OAuth app). The Flask app can be hosted for free on Heroku.
Two more things to note regarding public/private repos:
If you are using Github Pages, the repository containing your notes will need to be private, otherwise the contents of your notes will be in a public repository (even if the Github Pages static page has an access control layer).
Just because a repo is private does NOT mean its Github Pages page is private. By default, a private repo's Github Pages page is accessible/readable by the public. It is up to you to put an access control mechanism in place to protect the page.
You can try the encryption route. Here, the name staticrypt really says everything (I have a demo here). It allows you to create a password for each page for your website. It used AES-256 encryption, so as far as I am concerned, a long password should suffice.
If you don't share the password, you will be the only one to view the webpage.
These are actually two questions and is good practice to ask them individually.
This is a frequently asked question and depends on your server, e.g. for Apache you can edit your .htaccess following this instructions
you need to create a private repository by checking the private repository option during the repository creation
I need to get the value of mac address and username and computer. I want to do this with networkingPrivate. But I can’t able to access it.
I wrote in the manifest.json file this:
"permissions": ["networkingPrivate"]
Generally you can't because they're private exactly for the purpose of being private, not public API. It's also whitelisted to specific extensions by Google or its trusted associates.
For your own personal use you may have success by running Chrome with a custom command line parameter --whitelisted-extension-id=abcd where abcd stands for the 32-character id of your extension as seen on chrome://extensions page when developer mode switch is enabled in the top right corner of the page. Or you can mimic a trusted extension's id by finding its manifest.json and copying its "key" to your own manifest.json.
For a public extension you'll have to use a workaround. For example, write a separate utility and invoke it via nativeMessaging API.
I have a documentation managed on readthedocs.org. Is there a way to password protect or at least make our documentation available only for some of our customers?
Unfortunately, docs hosted on Read The Docs cannot be password-protected.
The best you can do (as of now) is to set your documentation to "Private" which will show users a 404 when they navigate to your docs from the www.readthedocs.org website. However, this is extremely weak security as anyone with the actual url can still view your documentation.
From their documentation:
With a URL to view the actual documentation, even private docs are viewable. This is because our architecture doesn’t do any logic on documentation display, to increase availability.
However, you could just host the Sphinx generated documentation yourself, and that you could password protect. I would say that is definitely your best bet!
Read the Docs is really just a convenience hosting service, you can still host your documentation elsewhere, and then easily password protect it just like you would password protect anything else.
Update
Btw, the easiest way to do that is to just generate generate static .html files - using make html from the root folder. Put those HTML files up on an internally hosted web server and you're good :)
Is there a way to get files marked for public viewing in Google Drive using the API without authentication?
I know about the "downloadUrl" property, but it is a temporary URL with no reference to how long it lasts. I would like to use the API directly to get the files, and I think I read somewhere someone alluding to the possibility of calls to the API that are not authenticated for retrieving public files.
Edit: The webContentLink field of a File resource now provides this.
This is a known issue, and a big deal which we are working to fix. Currently, some sort of authentication is required, even for public files, which I think is not ideal. Sorry about that.