Error 403 Forbidden

Factual Questions
1

Supose I’m looking for widgets, and Google brings me to
http: //Acme/Products/widgets/datasheets/100series.pdf.

I want to see datasheets for other widgets they might have, so I type in
http: //Acme/Products/widgets/datasheets/

And I get
Error 403: Forbidden.

Trying to navigate from the home screen, I have to navigate through a bunch of splash videos and try to figure out where the datasheets are, and I may never find them.

So is this some pompous, ego happy web programmer being a jackass, or is something else going on?

2

They’ve disabled directory listings, which is standard security practice.

3

No, it is just basic web security. Each one of those paths is a file directory that may contain things are not for access by the general public. Each directory has configurable settings that control access to each file. The web page designer gives you the links to the ones that you can see.

What is more fun is when they don’t do it correctly and you can figure out how to gain access to their directory structure just by modifying links. That is the way a lot of hacking is done and good web designers do the best they can to prevent that.

4

This now-standard practice was not so standard in the early days of the web before they had it figured out. Years ago I was once able to access areas for a site that were subscriber-only areas by figuring out the file naming convention. The only security they bothered with was assuming that if they didn’t have a link for it on the site you would not find it.

5

Conversely, there’s also the concept of a hackable url where the creator is open to you figuring it out. So if you are at http://www.bigstore.invalid/locations/unitedstates/nj and it contains a list of Big Store store locations in New Jersey, you might assume that you can get a list of their store locations in Oklahoma by going to http://www.bigstore.invalid/locations/unitedstates/ok