-
Welcome to the Chevereto User Community!
Here, users from all over the world come together to learn, share, and collaborate on everything related to Chevereto. It's a place to exchange ideas, ask questions, and help improve the software.
Please keep in mind:
- This community is user-driven. Always be polite and respectful to others.
- Support development by purchasing a Chevereto license, which also gives you priority support.
- Go further by joining the Community Subscription for even faster response times and to help sustain this space
Image path and names available for all
- Thread starter mthiel1
- Start date
- Status
When you upload something as private the url generated is like /path/<random>.ext, now... the lenght of the random string is 8 chars I believe and for esch char you have 36 possible values (A-Z + 0-9) so the possibilities are absurd big. Is 36 pow 8 which is 2821109907456 possibilities. So you are telling me that it could be guessed? Ok, it could be guessed but the computing needed is huge. If every request takes you one second it will need near 90,000 years to complete, if you take 10 request per second it will take 9,000 years... Remember that the server watchdog will notice a permanent IP doing those queries....
The only way to make the pictures 100% private is by serving all the images using PHP which may cause a lot of issues because that will demand a lot of machine because every request wil be dynamic. I think that the easiest thing to do is raise the number chars to 16 or 32 so guess the filename will be truly impossible and it will take many times the age of the universe to complete.
- Status