Open jonas-hoebenreich opened 1 week ago
@jonas-hoebenreich thanks for raising this issue :-) With private files you mean e.g. the temporary download link for the responses download? Or also the files provided by survey participants as file uploads?
Ah, good point. Do be honest I don't really care about survey participant file uploads, I guess the current approach does work for them. Maybe just rename the files to something random to avoid that links can guessed. My concern are mainly response exports that contain sensitive data.
Is your feature request related to a problem? Please describe.
Currently, the same S3 bucket is used for both private data (file exports) and public assets (uploaded images). This approach has several drawbacks:
Describe the solution you'd like
Benefits:
Describe alternatives you've considered
No response
Additional context
No response