Forums

PyScript : how to protect .py files from being accessed from the browser?

Hi,

Pythonanywhere is serving a PyScript web application which refers to Python scripts in the py-config tag. How can I protect the .py scripts from being accessed and downloaded from the browser?

PS : I just checked : the .py scripts are only accessible in the url from within the Pythonanywhere account. They are not visible otherwise, case closed.

Just to clarify -- if you're using PyScript, which is a way to run Python code in the browser, then those Python scripts will be accessible, as they have to be sent to the browser in order to run. However, if you have a traditional Python web application, where the Python scripts run on the server (as part of, say, a Flask or Django website) then so long as you don't accidentally share the scripts (eg. with a misconfigured static file mapping) then they will only be visible to you when you're logged in to PythonAnywhere -- people who are not logged in, or who are logged in to other PythonAnywhere accounts, will not be able to see them.