search

Leuchtfeuer / typo3-secure-downloads

Secure your assets and data from unwanted download. Apply TYPO3 access rights to ALL file assets (PDFs, TGZs or JPGs etc. - configurable) - protect them from direct access.
https://www.Leuchtfeuer.com
GNU General Public License v2.0
21 stars 35 forks source link

Configuration securedDirs cant be empty, if only createFileStorage is used #184

Closed npoggenburg closed 1 year ago

npoggenburg commented 1 year ago

Describe the bug

Setting securedDirs to empty, to only secure the File Storage created with createFileStorage results in the default typo3temp|fileadmin beeing secured. There is no way to not secure any folder. Setting securedDirs to none ofc works, if no folder named none exists.

    'secure_downloads' => [
        'allowPublicAccess' => '1',
        'cachetimeadd' => '3600',
        'checkAccess' => '0',
        'checkDirs' => '0',
        'createFileStorage' => '1',
        'documentRootPath' => '/',
        'enableGroupCheck' => '0',
        'excludeGroups' => '-1,0',
        'forcedownload' => '0',
        'forcedownloadtype' => 'odt|pptx?|docx?|xlsx?|zip|rar|tgz|tar|gz',
        'groupCheckDirs' => '',
        'linkPrefix' => 'securedl',
        'log' => '0',
        'outputFunction' => 'stream',
        'protectedPath' => '',
        'securedDirs' => '',
        'securedFiletypes' => 'pdf|jpe?g|gif|png|odt|pptx?|docx?|xlsx?|zip|rar|tgz|tar|gz',
        'skipCheckConfiguration' => '0',
        'strictGroupCheck' => '0',
        'tokenPrefix' => 'sdl-',
    ],

Environment (please complete the following information):

balasch commented 1 year ago

Fixed in https://github.com/Leuchtfeuer/typo3-secure-downloads/releases/tag/v5.0.3