On May 18, 12:30 pm, Guyon Morée <[EMAIL PROTECTED]> wrote: > > I agree that would be nice, but wouldnt that mean that django is > serving the files? >
Not necessarily. The wrapper view could check permissions and issue a redirect to the static site if the user has a right to see the image, or render_to_response an error page otherwise. It's not ideal, since the Django site is having to take a hit for every image request, but it may be better than doing the image I/O from the Django site. However, this approach is really not all that secure - in theory a user could access the static site directly and try to guess filenames. Also, would the static site be available to crawlers? The only sure- fire way of providing security would seem to be to accept the cost of handling the image I/O on the Django site. Regards, Vinay --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~----------~----~----~----~------~----~------~--~---
