Ruby on Rails Friday, September 30, 2011

> :s3_permissions => :public
> in your has_attached_file call.
> But if you pass :private instead, then the file can only be accessed
> through your S3 credentials. Okay, now only your app can read it. But
> that's what the expiring_url method is for. That gins up a one-time
> token that expires in N minutes, and allows one download during that
> window, after which it simply won't work at all. Your keys are used to
> create this token, but it's a one-way hash so you don't have any leakage
> possible of your actual credentials.
> Walter

I think the only problem I have left is that I was hoping to not use S3
and be able to store the files on my own server.

Posted via

You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
To post to this group, send email to
To unsubscribe from this group, send email to
For more options, visit this group at

No comments:

Post a Comment