Thursday, May 23, 2013

Re: Directory Protection

Hi

You can protect the image view via the web server hot link protection by make  sure the request is come from your own application, which simply checking the http referrer of the requet.

Let the web server do the static image serving, and cake for serving the app logic. 

Hope helps

Mulianto
Sent from my iPhone

On 23 Mei 2013, at 10:08, "Advantage+" <movepixels@gmail.com> wrote:

I have an" img/uploads" folder which has users profile images and such.

 

How do you go about protecting the folder so there is no access except when Cake gets the images?

So anyone can't just browse thru the directory?

 

Google search turned up MediaView so put the uploads outside of webroot, but
" As of 2.3 MediaView is deprecated and you can use CakeResponse::file() to send a file as response:"

 

Should it be set to use CakeResponse::file($path, $options = array())

Allows you to set a file for display or download

 

If so is there a simple example out there showing exactly how this would get the files and server it up?

 

$image = CakeResponse::file('where/file/is/here.jpg, $options = array())

$this->Controller->set('image', $image);

 

Thanks,

Dave

 

--
Like Us on FaceBook https://www.facebook.com/CakePHP
Find us on Twitter http://twitter.com/CakePHP
 
---
You received this message because you are subscribed to the Google Groups "CakePHP" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cake-php+unsubscribe@googlegroups.com.
To post to this group, send email to cake-php@googlegroups.com.
Visit this group at http://groups.google.com/group/cake-php?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.
 
 

No comments: