[TYPO3] Noob question about secure private pages
bedlamhotel at gmail.com
Wed Jul 18 21:53:33 CEST 2007
On 7/18/07, James Corell <jcorell at e-p-c-s.com> wrote:
> Checked out both of those. Hidden pages still show if targeted directly by
> URL, and
He didn't explain it very well; you don't HIDE the page, you restrict
access to it--check the page record ("Edit page properties") for the
When access is restricted to pages, they are NOT accessible--they
return a 404 header.
> PDFs still download if the secure URL (very long) is entered.
> Direct access is not a viable option. I need a solution that *requires* a FE
There are at LEAST two other extensions in the TER for providing
secure downloads--including one based on sessions. There's not a lot
of documentation for them, but they're fairly simple to get running.
Furthermore, you can also use the TS filelink function --check the
".secure (boolean)If set, then the file pointed to by jumpurl is NOT
redirected to, but rather it's read from the file and returned with a
correct header. This option adds a hash and locationData to the url
and there MUST be access to the record in order to download the file.
If the fileposition on the server is furthermore secured by a
.htaccess file preventing ANY access, you've got secure download
Whether or not using TS directly is suitable depends quite a bit on
how you need to manage your downloads.
More information about the TYPO3-english