[TYPO3-dev] Filemount / Filelink-Concept
Brice Bernard
brikou at gmail.com
Mon Jan 9 16:47:14 CET 2006
I thought maybe it could be interesting to make some kind of extension wich
could generate on the fly .htpasswd file based on the group permissions?
2006/1/9, Kasper Skårhøj <kasper2006 at typo3.com>:
>
> I think its a good idea and someone could describe a solution in more
> details.
>
> I think extending the filemount table is not needed since you can
> already mount absolute paths. The only requirement is that the
> absolute path is within a "lock" directory set up in TYPO3_CONF_VARS.
> But it makes very much sense to NOT change this for security related
> reasons.
>
> Thus, all you need is sweet-talk Stanislas/Rene Fritz work on the RTE/
> Element browser + integrate support in typolink for detecting links
> to files outside PATH_site.
>
> - kasper
>
>
>
> On Jan 9, 2006, at 15:05 , Daniel Brün wrote:
>
> > Hi list!
> >
> > Every now and then a client asks for secure downloads or downloads
> > from
> > some not-www-accessible directory. Basically this means storing the
> > files in some directory that the webserver will never deliver to
> > the world.
> > There are already two extensions that deal with this issue
> > (rlmp_securedownload and nf_downloads), but both of them are poorly
> > integrated with TYPO3 and not very intuitive to use (no point-and-
> > klick).
> >
> > That's why I could imagine the following:
> >
> > When setting up a filemount I can define several additional options,
> > such as "Directory not www-accessible" or "FE-Groups".
> > Whenever an author creates a file-link in the RTE and links to a
> > protected file, the link automagically points to a download.php-file
> > which takes care of reading the file from the FS and delivering it.
> > The
> > download-Script should also check for the required permissions. All
> > parameters (filename, filemount-id) should be encrypted using the
> > standard encryption string and passed to the script as simple
> > GET-Parameters.
> >
> > This would also make a lot of sense _without_ setting FE-Groups at
> > all,
> > because this way one could deliver files from locations that are not
> > accessible via www (in some cases, eg. in Windows, symbolic links can
> > not be used!).
> >
> > In order to achieve this functionality, some code would have to be
> > extended:
> > 1. Extend filemount-table
> > 2. Extend link-dialogs (RTE, htmlarea...)
> > 3. Extend rendering (typoscript-FE)
> >
> > All in all this sounds like heavy XCLASSING, which is no option for me
> > and leads to the conclusion that this would be a great feature for
> > the core!
> >
> > What do you think?
> >
> > Cheers,
> > Dan
> > _______________________________________________
> > TYPO3-dev mailing list
> > TYPO3-dev at lists.netfielders.de
> > http://lists.netfielders.de/cgi-bin/mailman/listinfo/typo3-dev
>
> _______________________________________________
> TYPO3-dev mailing list
> TYPO3-dev at lists.netfielders.de
> http://lists.netfielders.de/cgi-bin/mailman/listinfo/typo3-dev
>
--
- Brice -
More information about the TYPO3-dev
mailing list