Re: State of Digibug module

by Chris F-2

I wasn't thinking of anything that complex. Just a key that's unique to that image of that installation.

So for example:

key = md5(imageid + galleryuniqueid)

In this situation, the full image is still exposed, but it'll be only for that single image, and it won't allow access to other full images.

It'll still fail your requirements, but it'll be limited to 1 image and not potentially others.

That means the URL will be:

http://example.com/gallery3/print_photo/35/12390239bbf32f
http://example.com/gallery3/print_photo/36/534313901bfb1
http://example.com/gallery3/print_photo/37/1239bab9321vb

and not:

http://example.com/gallery3/print_photo/35
http://example.com/gallery3/print_photo/36
http://example.com/gallery3/print_photo/37

With the latter being guessable by a user.

Chris


Bharat Mediratta wrote:
Chris F-2 wrote:
> Just an idea for this. Can a random string or something unique to the server
> for that image be added to this URL?
>
> That way the full image URL can be passed to a certain function, however a
> user/system cannot "guess" any other URLs of other images.
>
> The only way you can subvert the full permission of an image is by knowing
> basically the URL plus the 'key' to that individual image.
>
> So the URL would be something similar to:
>
> http://example.com/gallery3/print_photo/35/12390239bbf32f
>
> And the random keys would not be sequential or guessable.

Are you suggesting a shared-secret solution?  That only works if you
share a secret with Digibug such that only your Gallery3 and Digibug
have a copy of the secret.  Currently, Digibug doesn't offer that type
of solution.  Each Gallery 3 install has its own unique key we could use
for this purpose, but Digibug would have to implement something on their
side to support it.

------------------------------------------------------------------------------
__[ g a l l e r y - d e v e l ]_________________________

[ list info/archive --> http://gallery.sf.net/lists.php ]
[ gallery info/FAQ/download --> http://gallery.sf.net ]
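
The per-image key idea discussed in this thread, as an added example (not code from Gallery 3, Digibug, or either poster): it derives the key with HMAC-SHA256 keyed by the installation's secret, swapped in for the md5 concatenation, and checks it in constant time. The function names, the `INSTALL_SECRET` value and the 32-character token length are assumptions made for illustration.

```python
import hashlib
import hmac
import re
from typing import Optional

# Constructed sample value standing in for the per-installation unique key.
INSTALL_SECRET = b"constructed-example-install-key"
BASE_URL = "http://example.com/gallery3/print_photo"  # URL shape from the thread

# Accepts only .../print_photo/<id>/<32 hex chars>; the bare <id> form never matches.
_PATH_RE = re.compile(r"/print_photo/([0-9]+)/([0-9a-f]{32})/?$")


def image_token(image_id: int, secret: bytes = INSTALL_SECRET) -> str:
    """Derive the key for one image of one installation."""
    # The fixed prefix binds the token to this purpose, so the same secret
    # can be reused elsewhere without producing interchangeable tokens.
    msg = b"print_photo:" + str(image_id).encode("ascii")
    # Truncated to 128 bits to keep the URL short (assumed length).
    return hmac.new(secret, msg, hashlib.sha256).hexdigest()[:32]


def print_url(image_id: int, secret: bytes = INSTALL_SECRET) -> str:
    """Build the URL that would be handed to the print service."""
    return f"{BASE_URL}/{image_id}/{image_token(image_id, secret)}"


def authorize(path: str, secret: bytes = INSTALL_SECRET) -> Optional[int]:
    """Return the image id if the path carries a valid token, else None."""
    match = _PATH_RE.search(path)
    if match is None:
        return None  # missing or malformed token, e.g. /print_photo/35
    image_id = int(match.group(1))
    expected = image_token(image_id, secret)
    # Constant-time comparison avoids leaking how many characters matched.
    if hmac.compare_digest(expected, match.group(2)):
        return image_id
    return None


if __name__ == "__main__":
    url = print_url(35)
    print(url, "->", authorize(url))
    # The key for image 35 does not unlock image 36.
    print(authorize(f"/gallery3/print_photo/36/{image_token(35)}"))
```

As noted in the thread, anyone who obtains a full URL can still fetch that one image; the token only prevents deriving URLs for other images.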