Project

General

Profile

Actions
Copy link

Feature #12368

closed

attachements should be viewable NOT downloadable for restricted users.

Added by ahsan akhter over 12 years ago. Updated over 12 years ago.

Status:
Closed
Priority:
Urgent
Assignee:
ahsan akhter
Category:
Attachments
Target version:
-
Start date:
Due date:
% Done:

0%

Estimated time:
Resolution:
Invalid

Description

I am new in redmines and I have requirements for my project.
"Attachements should be viewable NOT downloadable for restricted users".It as a security hole for my project.
Please anyone help me to resolve this issue.

Actions
Copy link
 #1

Updated by Etienne Massip over 12 years ago

Do you mean to see the name of the attachment only? Or to have their contents viewable in browser?

Actions
Copy link
 #2

Updated by Etienne Massip over 12 years ago

  • Status changed from New to Closed
  • Resolution set to Invalid

BTW, see #7750.

Actions
Copy link
 #3

Updated by ahsan akhter over 12 years ago

  • Status changed from Closed to Reopened

Yes,attached documnet's contents viewable in browser.
Just like google docs.
Thanks Massip!!!

Actions
Copy link
 #4

Updated by Etienne Massip over 12 years ago

  • Status changed from Reopened to Closed

What's the distinction from a security POV between being able to see contents but not to download the file?

Actions
Copy link
 #5

Updated by ahsan akhter over 12 years ago

  • Status changed from Closed to Reopened

if downloads allows then restricted user can copy the original physical file from one location to another and it can be uses illegally.
I want just they can view the content on the browser only.

Thanks Massip to ur response.

Actions
Copy link
 #6

Updated by Etienne Massip over 12 years ago

ahsan akhter wrote:

if downloads allows then restricted user can copy the original physical file from one location to another and it can be uses illegally.
I want just they can view the content on the browser only.

If they can see the contents then they'll be able to copy/paste it in a new file on their HD which will eventually be a copy of the original file, I still don't get it?

Actions
Copy link
 #7

Updated by fangzheng (方正) over 12 years ago

I think this requirement should not be done by redmine platform.
A popular method is, using a flash object to show the file content (image, text, etc).

Actions
Copy link
 #8

Updated by ahsan akhter over 12 years ago

Thanks Massip and fangzheng for your kind response.......!

Actions
Copy link
 #9

Updated by Etienne Massip over 12 years ago

  • Status changed from Reopened to Closed
Actions
Copy link

Also available in: Atom PDF