Upload / Up1

Client-side encrypted image host web server
MIT License

Different View-Path than "/#" #28

Closed CalaxDev closed 9 years ago

CalaxDev commented 9 years ago

Currently I am wanting to make the upload-functionality usable ONLY by users that can authenticate themselves (currently via htpasswd) and do that with nginx location in terms of

    # Basic auth applied to every path, including the viewer page
    location / {
        proxy_pass serverURL;
        auth_basic "Upload-Site";
        auth_basic_user_file /var/www/dl/pass.txt;
    }

But now the problem is that "#" is such a special symbol that the server never knows anything about when an image is viewed and thus I can not say "When you access an image to look at it do not ask for credentials"

It would be awesome if the URL could be instead of "url/#somestring" something like "url/v/somestring" or "url/view/somestring"

Is something like that possible?

andre-d commented 9 years ago

The fragment is used as it is not sent to the server. If you send the seed to the server you compromise the entire system as your server can now decrypt every upload.

You could switch it instead to

/view/#seed and have the server return the same html contents for /view/

CalaxDev commented 9 years ago

@andre-d How would I go about and do that?

ultramancool commented 9 years ago

We'll be looking into adding auth functionality in the future; it should be possible if you apply auth only to the upload "/up" URL. Try that if you want, @Z3roCoder. Closing this for now as the basic idea here would fundamentally break the purpose of up1.
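
One way to express the suggestion above in nginx, reusing the realm and password file from the original post. This is an added example, not configuration from the Up1 project; the upstream address `http://127.0.0.1:8080` is a constructed placeholder for `serverURL`, and both locations are assumed to sit inside a TLS-terminating `server` block, since basic auth sends credentials with every request.

```nginx
# Added example, not from the Up1 project.
# Assumed: upstream address below stands in for serverURL.

# Upload endpoint: the only path that asks for credentials.
# Prefix match, so /up and anything beneath it is covered and cannot
# fall through to the public location below.
location /up {
    auth_basic "Upload-Site";
    auth_basic_user_file /var/www/dl/pass.txt;
    proxy_pass http://127.0.0.1:8080;   # placeholder upstream
}

# Everything else (viewer HTML, scripts, stored ciphertext) stays public.
# A viewer opens url/#seed; the browser never transmits "#seed", so nginx
# only sees a request for "/" and the seed stays on the client.
location / {
    proxy_pass http://127.0.0.1:8080;   # placeholder upstream
}
```

With this split the page itself still loads for anyone; only requests to the upload endpoint are rejected without credentials.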