Obfuscate filenames better, double rate limits

author: Eugen Rochko <eugen@zeonfederated.com> 2017-03-14 15:59:21 +0100
committer: Eugen Rochko <eugen@zeonfederated.com> 2017-03-14 15:59:21 +0100
commit: 02349b32696d6559ed64dbe4f401892d5fa5ddf7 (patch)
tree: c521c1b6aeab67ace70ca1994f3eb412c7136f0d /app
parent: 952bce302373c6903458c2a11236ae145e0bea71 (diff)
1 files changed, 5 insertions, 1 deletions
diff --git a/app/controllers/concerns/obfuscate_filename.rb b/app/controllers/concerns/obfuscate_filename.rb
index dde7ce8c6..9c896fb09 100644
--- a/app/controllers/concerns/obfuscate_filename.rb
+++ b/app/controllers/concerns/obfuscate_filename.rb
@@ -13,6 +13,10 @@ module ObfuscateFilename
     file = params.dig(*path)
     return if file.nil?
 
-    file.original_filename = 'media' + File.extname(file.original_filename)
+    file.original_filename = secure_token + File.extname(file.original_filename)
+  end
+
+  def secure_token(length = 16)
+    SecureRandom.hex(length / 2)
   end
 end
author	Eugen Rochko <eugen@zeonfederated.com>	2017-03-14 15:59:21 +0100
committer	Eugen Rochko <eugen@zeonfederated.com>	2017-03-14 15:59:21 +0100
commit	02349b32696d6559ed64dbe4f401892d5fa5ddf7 (patch)
tree	c521c1b6aeab67ace70ca1994f3eb412c7136f0d /app
parent	952bce302373c6903458c2a11236ae145e0bea71 (diff)