Ticket IDs are currently guaranteed to be unique, but nothing prevents that a new ID reuses an ID that existed just 2 seconds ago[*]. In this scenario, an user clicking on an expired link would receive the content of a new file instead.
[*] this is currently unlikely due to how the ID is generated, but possible nonetheless.
We should store ticket IDs on a new table upon expiration, for a much longer period (1 year or so), to avoid re-use.
Ticket IDs are currently guaranteed to be unique, but nothing prevents that a new ID reuses an ID that existed just 2 seconds ago[*]. In this scenario, an user clicking on an expired link would receive the content of a new file instead.
[*] this is currently unlikely due to how the ID is generated, but possible nonetheless.
We should store ticket IDs on a new table upon expiration, for a much longer period (1 year or so), to avoid re-use.