Forum: Ruby on Rails What's the best way to protect images from the public?

Hey all!

Im building an app at the moment in which users can upload images of
themselves.

The problem is, because these images are stored in the public
directory they are open to the public.

How can I protect these images but still allow access to them in my
views?

thanks

Gavin

On Fri, Jul 3, 2009 at 12:40 PM, Gavin<gavin@thinkersplayground.com> 
wrote:
> views?
>
> thanks
>
> Gavin

You'll need to explain protect but still allow access.
You could store them in another directory and then use send_file to
send the file after some form of authentication.
You can also do this with nginx (better scalability) via the method I
explain on my blog at
http://ramblingsonrails.com/how-to-protect-downloads-but-still-have-nginx-serve-the-files
A similar method exists for Apache.

Andrew Timberlake
http://ramblingsonrails.com

http://MyMvelope.com - The SIMPLE way to manage your savings

Sorry,

by "still allow access" I simply meant that I could still refer to the
images in my HTML. ( <img src='/images/pic.jpg'> )

send_file isn't appropriate here ( as far as I'm aware ).

Suppose my profile image is located at "images/3.jpg". I want to
prevent users from then visiting "images/4.jpg" and checking out
pictures they don't have access to.

So far, encypting the image name seems to be the only solution.

ie- "images/8dfa7dg6g82h9dhn9njn23knjkknsdf9.jpg"

Making it a little more difficult to 'guess' the picture url.

Anybody know of a better way to handle this?

Gavin

On Jul 3, 1:45 pm, Andrew Timberlake <and...@andrewtimberlake.com>

Gavin Morrice wrote:
[...]
> send_file isn't appropriate here ( as far as I'm aware ).

Why not?  It sounds like exactly what you want -- a way to send an 
arbitrary file that isn't in the public directory.

> 
> Suppose my profile image is located at "images/3.jpg". I want to
> prevent users from then visiting "images/4.jpg" and checking out
> pictures they don't have access to.

Then don't put the images in the public directory.  The public directory 
is, well, public.

> 
> So far, encypting the image name seems to be the only solution.
> 
> ie- "images/8dfa7dg6g82h9dhn9njn23knjkknsdf9.jpg"
> 
> Making it a little more difficult to 'guess' the picture url.

This could work too.

Best,
--
Marnen Laibow-Koser
http://www.marnen.org
marnen@marnen.org

> Why not?  It sounds like exactly what you want -- a way to send an
> arbitrary file that isn't in the public directory.

Isn't send_file for streaming the file to the user though?
I'm only looking to load the image on screen, I don't want the users
to actually download a copy of the file.

Thanks

Gavin

You can send a file inline without streaming for an image (I'm using
this in an application):

send_file path, :type => 'image/jpeg', :disposition =>
'inline', :stream => false

HTH,
Nicholas

Alrighty...

Was not aware of that.
I think in this case it's best to go with the encrpted filename
option because I'll might have loads of images to render per page.

Thanks for your help guys.

Gavin

> option because I'll might have loads of images to render per page.

^ apologies for the crap grammar - writing in a hurry today

Just so you know, with the x-sendfile option:

:x_sendfile - uses X-Sendfile to send the file when set to true. This
is currently only available with Lighttpd/Apache2 and specific modules
installed and activated. Since this uses the web server to send the
file, this may lower memory consumption on your server and it will not
block your application for further requests. See
http://blog.lighttpd.net/articles/2006/07/02/x-sendfile and
http://tn123.ath.cx/mod_xsendfile/ for details. Defaults to false.

Thanks Nicholas,

I have used send_file before, but I had no idea that the 'inline'
option was available.

You've also helped answer the problem I've had with my mp3_player
plugin (http://handyrailstips.com/tips/7-playing-mp3-s-on-your-rails-
site-with-mp3_player)

Thanks again :)

Gavin