> You cannot get a file outside of your project unless you symlink it inside the > project. This is also a Very Bad Thing(TM) as it may allow attackers to > request arbitrary files. You /can/ get a file outside your project. Whether this is a bad thing or not depends on why and how. I also don't think this file should be placed in the static directory. The static directory is for files that don't change after the program is installed. The media directory might be more appropriate.
If what you are doing is to dynamically create a csv file for your user to download immediately, one possible way of doing that is (untested): from tempfile import TemporaryFile csvfile = TemporaryFile() export_your_data_to_the_file(csvfile) file_size = csvfile.tell() csvfile.seek(0) response = HttpResponse(csvfile.read(), content_type='text/csv') response['Content-Disposition'] = 'attachment; filename=whateveryoulike.csv' response['Content-Length'] = str(size) return response Regards, A. Antonis Christofides http://djangodeployment.com On 2017-05-02 17:53, m712 - Developer wrote: > > You cannot get a file outside of your project unless you symlink it inside the > project. This is also a Very Bad Thing(TM) as it may allow attackers to > request arbitrary files. > What you should do instead is this: > 1) Put Data/01/export.txt to the static/ folder inside your app (with the same > folder structure if you need it that way) > 2) Build the path to your file with /static/ as prefix, i.e. > http://127.0.0.1/static/Data/01/export.txt > > On May 2, 2017 3:44 PM, Sixtine Vernhes <sixt.vern...@gmail.com> wrote: > > This is in development. I try to send url of my file in views.py : > > | > returnrender(request,"export.html",{'out':urlOut}) > | > > and in my template I have the link : > > | > Liendu <a href="{{out}}">fichier </a> > | > > but when I open it I have this link : > > http://127.0.0.1:8000/home/myuser/Data/01/export.txt > > and I want to have this to download the file : > /home/myuser/Data/01/export.txt > > Have you any ideas? > > (sorry i'm newbie in django ^^) > > Le mardi 2 mai 2017 14:04:05 UTC+2, Antonis Christofides a écrit : > > Is this in production or development? What is the url that doesn't > work? What happens when you try the url? > > Regards, > > A. > > Antonis Christofides > http://djangodeployment.com > > On 2017-05-02 11:28, Sixtine Vernhes wrote: >> Hi ! >> >> I try to create a link on Django who download a static csv file, but >> I have no idea how to do. >> In my settings.py : >> >> STATIC_URL = '/static/' >> STATICFILES_DIRS = ( >> os.path.join(BASE_DIR, "static/"), >> ) >> >> and my file is in this directory >> >> Would anyone have an idea ? >> >> -- >> You received this message because you are subscribed to the Google >> Groups "Django users" group. >> To unsubscribe from this group and stop receiving emails from it, >> send an email to django-users...@googlegroups.com <javascript:>. > -- > You received this message because you are subscribed to the Google > Groups "Django users" group. > To unsubscribe from this group and stop receiving emails from it, send > an email to django-users+unsubscr...@googlegroups.com > <mailto:django-users+unsubscr...@googlegroups.com>. > To post to this group, send email to django-users@googlegroups.com > <mailto:django-users@googlegroups.com>. > Visit this group at https://groups.google.com/group/django-users. > To view this discussion on the web visit > > https://groups.google.com/d/msgid/django-users/j5ftp2xrd2aps3c4mtn66umn.1493736693783%40email.android.com > > <https://groups.google.com/d/msgid/django-users/j5ftp2xrd2aps3c4mtn66umn.1493736693783%40email.android.com?utm_medium=email&utm_source=footer>. > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscr...@googlegroups.com. To post to this group, send email to django-users@googlegroups.com. Visit this group at https://groups.google.com/group/django-users. To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/d73a67a4-49d9-ec8c-14f4-e3ccf44167d0%40djangodeployment.com. For more options, visit https://groups.google.com/d/optout.
