diff options
Diffstat (limited to 'activestorage/app/controllers/active_storage/blobs_controller.rb')
| -rw-r--r-- | activestorage/app/controllers/active_storage/blobs_controller.rb | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/activestorage/app/controllers/active_storage/blobs_controller.rb b/activestorage/app/controllers/active_storage/blobs_controller.rb new file mode 100644 index 0000000000..05af29f8b2 --- /dev/null +++ b/activestorage/app/controllers/active_storage/blobs_controller.rb @@ -0,0 +1,22 @@ +# Take a signed permanent reference for a blob and turn it into an expiring service URL for download. +# Note: These URLs are publicly accessible. If you need to enforce access protection beyond the +# security-through-obscurity factor of the signed blob references, you'll need to implement your own +# authenticated redirection controller. +class ActiveStorage::BlobsController < ActionController::Base + def show + if blob = find_signed_blob + redirect_to blob.service_url(disposition: disposition_param) + else + head :not_found + end + end + + private + def find_signed_blob + ActiveStorage::Blob.find_signed(params[:signed_id]) + end + + def disposition_param + params[:disposition].presence_in(%w( inline attachment )) || "inline" + end +end |