diff options
Diffstat (limited to 'app/models')
-rw-r--r-- | app/models/active_storage/blob.rb | 8 | ||||
-rw-r--r-- | app/models/active_storage/variant.rb | 2 |
2 files changed, 7 insertions, 3 deletions
diff --git a/app/models/active_storage/blob.rb b/app/models/active_storage/blob.rb index 3340c88d12..9196692530 100644 --- a/app/models/active_storage/blob.rb +++ b/app/models/active_storage/blob.rb @@ -56,11 +56,15 @@ class ActiveStorage::Blob < ActiveRecord::Base end - def url(expires_in: 5.minutes, disposition: :inline) + # Returns the URL of the blob on the service. This URL is intended to be short-lived for security and not used directly + # with users. Instead, the `service_url` should only be exposed as a redirect from a stable, possibly authenticated URL. + # Hiding the `service_url` behind a redirect also gives you the power to change services without updating all URLs. And + # it allows permanent URLs that redirec to the `service_url` to be cached in the view. + def service_url(expires_in: 5.minutes, disposition: :inline) service.url key, expires_in: expires_in, disposition: disposition, filename: filename, content_type: content_type end - def url_for_direct_upload(expires_in: 5.minutes) + def service_url_for_direct_upload(expires_in: 5.minutes) service.url_for_direct_upload key, expires_in: expires_in, content_type: content_type, content_length: byte_size end diff --git a/app/models/active_storage/variant.rb b/app/models/active_storage/variant.rb index d0fee3c62c..a45356e9ba 100644 --- a/app/models/active_storage/variant.rb +++ b/app/models/active_storage/variant.rb @@ -18,7 +18,7 @@ class ActiveStorage::Variant "variants/#{blob.key}/#{variation.key}" end - def url(expires_in: 5.minutes, disposition: :inline) + def service_url(expires_in: 5.minutes, disposition: :inline) service.url key, expires_in: expires_in, disposition: disposition, filename: blob.filename, content_type: blob.content_type end |