2013/6/5 A T.Khan <atkhan...@gmail.com>
> I have already a Django setup running (you guessed it devstack), and it
> works fine. I have done plenty of editing already. But now I want to add a
> download button on a page, and by clicking to it, a file should be
> downloaded. Seems simple enough, but right now what I have done is adding
>
> <a href="{{ MEDIA_URL }}/test.file" %}" class="btn-download">{% trans
> "Downloadl" %}</a>
>
> in one of the files. This works perfectly ... however this link works but
> It is simple html encoding, and it works even when I am not logged in,
> bypassing the entire purpose of file security. I have tried to embed the
> code in some py files but then it gives me debug error.
>
Note that while Django can perform really well, serving *files* is a job
best left to the webserver itself. Take a look at django-sendfiles [1].
With it, you can use Django to test whether the user has permission to
actually download the file, and then let the webserver serve the file
transparently to the end user.
[1] https://github.com/johnsensible/django-sendfile
--
You received this message because you are subscribed to the Google Groups
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.
