Question

Image access from url

0

I have a project that stores images with a certain url. The image should only be available to the user that uploaded it, but when the url is directly put in the browser url bar it will show the image no matter what. I have taken a look in fixing this with a requesthandler but can't find any usefull documentation. Is there any way to do this?

asked 2018-01-23

Thijs de Beijer

3 answers

Ronald Catersels · Answer 1 · 2018-01-23

Retrieving the Image should be done with a deeplink. In the microflow of this deeplink check if the owner of the image is the same then the one requesting it again. Otherwise deny that user the download.

Regards,

Ronald

Thijs de Beijer · Answer 2 · 2018-01-25

I found the problem is in the cache. When the application is first loaded and you do not log in as the user who uploaded the image, it's impossible to reach the image. But as soon as you log in the image is saved in browser cache and you can view it whenever you want. Is there a way to block the image from saving in the cache?

Johan Flikweert - old account · Answer 3 · 2018-01-25

It should not be possible to view a file which a user doesn't have access to.

You can influence the browsers cache in Mendix: https://docs.mendix.com/deployment/on-premises/deploy-mendix-on-microsoft-windows#5-6-adding-the-cache-control-no-cache-header