Add security or remove public access to files

Is it possible to remove the public access to the URL (https:///files//) that gets automatically created when I save a file to Parse? I would like to secure the access to these files but can’t quite determine how to go about this.

Thanks,
Frank

What is the file adapter that you are using? What is the rule you want to implement?

1 Like

I’m using the default GridStoreAdapter so a couple of collections are automatically generated for the storage in my MongoDB (fs.files and fs.chunks).

I’m just trying to prevent someone from potentially guessing the file URL and accessing it via a web browser. The URL of https://myserver.com/files/myappname/....myfile.txt is just wide open for viewing and if the data happens to need to be secured this option won’t work.

Since there is a random component in the file name, it is really hard for someone to guess the file name. There is no built-in solution to add protection layer to these files. How would you want to differentiate the user that has access to the one that does not have? You can try to write an Express.js middleware in order to add some custom logic. One idea could be the generation of temp links.

Thanks. That makes sense and I figured that would be the case. I’ll try a different approach or add the middleware option.