Jonne Haß
rédigé
Also redirect to it for download, for Amazon S3 compatibility. Prior to this patch an attacker could obtain an users export by guessing the filename with a high chance of success. Fully authenticating the download request is a lot harder due to our diverse deployment scenarios. This brings the used method in line with the photo export feature. Thanks to @tomekr for the report.
| Nom | Dernière validation | Dernière mise à jour |
|---|---|---|
| .. | ||
| exported_photos.rb | ||
| exported_user.rb | ||
| processed_image.rb | ||
| secure_uploader.rb | ||
| unprocessed_image.rb | ||