Closed jhass closed 2 years ago
There is no need to specify a folder to share, it's your choose to share a file or a folder(meaning
all files under the folder), and you can check the option Hide download
or Password protect
if you don't want a file be accessed.
Well, I do want to share a folder and allow people to download something, that doesn't mean I want it publicly accessible by anyone guessing the path, I'd rather prefer to pick the folder for which that's possible explicitly.
I still don't see the necessity of point the folder by system(sharingpath), choose which folder it's up to you.
I am intend to achieve that by user settings.
Select always shared folder by user.
Enable/Disable token access with sharing option Set expiration date
or maybe add an option Download counts
.
@jhass What do you think?
I think 1. is what my initial suggestion is :) Add a user setting to enable this extension for a specific folder only. If set only make that folder available, if unset keep the current behavior for those that want it. Though I would almost argue a default value for the setting and just giving the option to change or unset it. I'm not sure how many users understand the implications of the current behavior :)
Yeah, got your worries, the important thing is let the user know which files is can be accessed, i will work it out.
@jhass Sorry for take this so long, v0.4.0 - nightly please take a look.
Thank you for working on this!
Unfortunately it's not what I had in mind. My problem was not that I had to mark a folder as shared in order for the extension to work.
My problem was and still is in this new version, that any folder I mark as shared is accessible by guessing the path. This is still the case in the new version, even after setting the new folder setting. So now I still have all my shared folders and files publicly accessible if somebody were to guess the path and additionally can even have another folder publicly accessible without marking it as shared. It's kinda the worst of both worlds to be honest.
On a side note it's actually quite confusing that the copy sharing path option is available on each and every file, shared in some way or not. So you can easily copy a link that won't actually work. Maybe there's a way to limit showing the option only for files that would actually be accessible.
The goal of this app is make the files be accessed easily, and the guessing path problem seems unavoidable.
It's a bit complicated to check shared file at front, but i will try.
Not sure I follow what this wants to improve over the inbuilt "share with link" option then. I don't see why all files with any sharing settings at all should fall victim to this "easy access".
So, does it work like Drobox's public
folder now in the nightly build? Cause that's what I am looking for.
My problem was and still is in this new version, that any folder I mark as shared is accessible by guessing the path.
(@jhass )
That sounds like a bad idea.
I'd love to use this, but making every file available just from guessing its path is a bit much.
One fix for this might be to just insert a file unique token, possibly just the file's checksum into the path and verifying it on access.
Yet better in my opinion would be to enforce, or at least allow to set, a specific folder that is the root folder for the extension. So rather than sharing all files of a user, share only say a folder named
public
, just like Dropbox'sPublic
folder works.