Reputation: 524
I have this in my code:
<a href = "res/pdf/sample.pdf">Sample PDF</a>
So basically it will appear to be a download link to file 'sample.pdf' but the problem is, there's a restriction in downloading this file. so whenever there are confidential reports uploaded and a malicious user accidentally memorized or viewed the URL of the download link in the browser history he can easily download it even without accessing the website because it is a direct link. What am i supposed to do so this link will be protected? or be downloaded only for the user assigned to it?
Upvotes: 4
Views: 7259
Reputation: 42450
Don't serve up files by their direct URLs. Have a PHP script receive the filename of the file wanted, and serve it up.
So, if someone wants to download the above files, he would go to
example.com/getfile?file=sample.pdf
Your PHP script would check if the current user has permission to view the file, and then serve it up.
Make your links like this:
<a href = "http://example.com/getfile?file=sample.pdf">Sample PDF</a>
Your current method is very insecure for sensitive files. A malicious user could trivially write a script to download ALL files in res/pdf
. All he needs to do is check every permutation of letters in the directory, and throw away all 404 errors.
You will not redirect the user since that would defeat the purpose. You will serve the file as a download with the appropriate Content-disposition
header.
Here's an example: Fastest Way to Serve a File Using PHP
You can google and get many more examples.
Here's a great example that shows how to serve PDF files: https://serverfault.com/questions/316814/php-serve-a-file-for-download-without-providing-the-direct-link
Upvotes: 6