Re: Securing static files

2007-05-21 Thread Frank Tegtmeyer
Vinay Sajip <[EMAIL PROTECTED]> writes:

> user could access the static site directly and try to guess filenames.
> Also, would the static site be available to crawlers? The only sure-fire
> way of providing security would seem to be to accept the cost of
> handling the image I/O on the Django si

Re: Securing static files

2007-05-19 Thread Kyle Fox
Maybe I'm not understanding what the problem is, but why can't you just make a new directory for each user?

> > user A uploads file 1 to /static_files//file1.jpg

Re: Securing static files

2007-05-18 Thread Malcolm Tredinnick
On Fri, 2007-05-18 at 10:05 +, Guyon Morée wrote:

> Hi all,
>
> The Django docs tell me I'm better off serving my static files through
> a webserver instead of Django itself. This is fine, but it gives me a
> design problem.
>
> I'm letting my users upload files to my server through Django. T

Re: Securing static files

2007-05-18 Thread Vinay Sajip
On May 18, 12:30 pm, Guyon Morée <[EMAIL PROTECTED]> wrote:

> I agree that would be nice, but wouldn't that mean that Django is
> serving the files?

Not necessarily. The wrapper view could check permissions and issue a redirect to the static site if the user has a right to see the image, or r

Re: Securing static files

2007-05-18 Thread Guyon Morée
I agree that would be nice, but wouldn't that mean that Django is serving the files? That's supposedly not recommended.

cheers,

On May 18, 12:49 pm, "Aidas Bendoraitis" <[EMAIL PROTECTED]> wrote:

> The most secure way, in my opinion, is to keep the files in a
> directory which is not accessible v

Re: Securing static files

2007-05-18 Thread Aidas Bendoraitis
The most secure way, in my opinion, is to keep the files in a directory which is not accessible via the webserver and write a wrapper view, which would return the static files if the user within the current session has appropriate permissions.

Regards,
Aidas Bendoraitis aka Archatas

On 5/18/07

Re: Securing static files

2007-05-18 Thread Sean Mc Allister
Hi,

I made something similar by creating an Apache AccessHandler. You can have a look at the code here: http://www.djangosnippets.org/snippets/62/

You would have to change the permission checking to your needs, but basically you can do anything you want inside those functions, like check if the u

Securing static files

2007-05-18 Thread Guyon Morée
Hi all,

The Django docs tell me I'm better off serving my static files through a webserver instead of Django itself. This is fine, but it gives me a design problem.

I'm letting my users upload files to my server through Django. The filepaths are stored in a table. The files are accessible to my w