Ruby on Rails Friday, September 30, 2011

>
> :s3_permissions => :public
>
> in your has_attached_file call.
>
> But if you pass :private instead, then the file can only be accessed
> through your S3 credentials. Okay, now only your app can read it. But
> that's what the expiring_url method is for. That gins up a one-time
> token that expires in N minutes, and allows one download during that
> window, after which it simply won't work at all. Your keys are used to
> create this token, but it's a one-way hash so you don't have any leakage
> possible of your actual credentials.
>
> Walter

I think the only problem I have left is that I was hoping to not use S3
and be able to store the files on my own server.

--
Posted via http://www.ruby-forum.com/.

--
You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
To post to this group, send email to rubyonrails-talk@googlegroups.com.
To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en.

No comments:

Post a Comment