Hello,
how can i serve the file uploaded files (images)? What I mean I have few model with images, and I see images in the change form.
The problem is that I can see the same images by writing directly the media path in the web address. And since the model is designed to have data split between the users I do not want the images to be seen that way.
I have looked and found
https://docs.djangoproject.com/en/dev/howto/static-files/?from=olddocs#staticfiles-other-directoriesWhat I have done is to add to the url the following
url(r'^media/(?P<path>.*)$', "registracija.views.myuploadedfileview", {'document_root': settings.MEDIA_ROOT,}),
and then the view is something as:
#parse the request and try to undestand if the image is mine
if yes:
return serve(request, path, document_root, show_indexes)
else:
return HttpResponseNotFound()
This is working; what bothers me is that the serve function is, as in docs, stated to be used only in development.
But if I serve the images directly by the web server, would I bypass my security checks?
Is there any other way to achieve my means?
Thanks
Nenad