On 23 February 2011 19:03, Joakim Hove <joakim.h...@gmail.com> wrote:
> Hello,
>
> I am using Django to create an album application. I was planning to
> use djangos user system for authorization, however the final image
> viewing will be like:
>
> <img src="{{ image.url }}">
>
> Where image.url should resolve to something like
> http://static-images.com/path/to/image.jpg
>
> Here http://static-images.com is another apache virtual host which
> only serves static content. However this scheme fails miserably when
> it comes to authorization - anyone can completely bypass my django app
> (with authorization) and point their browser to:
>
> http://static-images.com/path/to/image.jpg
>
> Any suggestions of how to combine django based authorization with
> serving of static content? I am the owner of the box in question and
> can modify the apache setup way beyond my competence.
An alternate solution is to use Django to perform the authorization,
but pass the serving of the image file to the web server. This
question has come up before, so here's a link to the previous thread -
http://groups.google.com/group/django-users/browse_thread/thread/3216b31b8a03f1ca?pli=1
> Regards - Joakim Hove
>
> --
> You received this message because you are subscribed to the Google Groups
> "Django users" group.
> To post to this group, send email to django-users@googlegroups.com.
> To unsubscribe from this group, send email to
> django-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/django-users?hl=en.
>
>
--
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/django-users?hl=en.
