Secure URLs?
Permalink Browser Info Environment
Hi. How secure is each document download link? For example, if a user logs in and copies a link to a document, does that link still work even when the user is no longer logged in? Ideally we want a solution that will only allow a document to be downloaded while the user is logged in, even if they have the correct URL.
Thanks!
Thanks!
Type: | Pre-Sale |
---|---|
Status: | In Progress |
Hi. So would setting "force download" as you suggest mean the person clicking the link would have to log in to access the file? Or would it simply remove the link to the file from the notification email?
It will only remove the direct link to the file, I don't believe that it does any extra permission checks but you might want to test that with your own permission set up.
This addon doesn't make any attempt to be more secure than the default concrete5 download methods. You can set "force download" on in the display settings of the block to make the download links at least go through concrete5.
Best wishes,
Korvin