Currently preview iframes mostly work due to a recent fix of the program code.
However.
We need to rework the fix sligthly.
This is what happens. If we link to an existing document e.g. test.png
The correct link something that looks like "courses/courseid/versod/test.png".
This works in the current install, but it is considered a bug, since the contents of that folder currently is not properly protected. The formally correct way to do this is to go via showdoc and to use apache to write protect direct downloads from the courses folder.
This is the way that it is supposed to work, no direct acces to files by typing in the address bar, but rather through showdoc.
So: the link in the preview iframe should be rewritten to something like yadyada/showdoc.php?test.png
Currently preview iframes mostly work due to a recent fix of the program code. However. We need to rework the fix sligthly.
This is what happens. If we link to an existing document e.g. test.png
The correct link something that looks like "courses/courseid/versod/test.png".
This works in the current install, but it is considered a bug, since the contents of that folder currently is not properly protected. The formally correct way to do this is to go via showdoc and to use apache to write protect direct downloads from the courses folder.
This is the way that it is supposed to work, no direct acces to files by typing in the address bar, but rather through showdoc.
So: the link in the preview iframe should be rewritten to something like yadyada/showdoc.php?test.png