diff options
author | Eugen Rochko <eugen@zeonfederated.com> | 2017-03-14 15:59:21 +0100 |
---|---|---|
committer | Eugen Rochko <eugen@zeonfederated.com> | 2017-03-14 15:59:21 +0100 |
commit | 02349b32696d6559ed64dbe4f401892d5fa5ddf7 (patch) | |
tree | c521c1b6aeab67ace70ca1994f3eb412c7136f0d /app/controllers | |
parent | 952bce302373c6903458c2a11236ae145e0bea71 (diff) |
Obfuscate filenames better, double rate limits
Diffstat (limited to 'app/controllers')
-rw-r--r-- | app/controllers/concerns/obfuscate_filename.rb | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/app/controllers/concerns/obfuscate_filename.rb b/app/controllers/concerns/obfuscate_filename.rb index dde7ce8c6..9c896fb09 100644 --- a/app/controllers/concerns/obfuscate_filename.rb +++ b/app/controllers/concerns/obfuscate_filename.rb @@ -13,6 +13,10 @@ module ObfuscateFilename file = params.dig(*path) return if file.nil? - file.original_filename = 'media' + File.extname(file.original_filename) + file.original_filename = secure_token + File.extname(file.original_filename) + end + + def secure_token(length = 16) + SecureRandom.hex(length / 2) end end |