On Fri, Mar 23, 2012 at 12:11 PM, Brett Parker <[email protected]> wrote: > *if* they wanted all the photos, then spidering the site isn't exactly > difficult, see wget -m.
You assume that all the content is indexed on the website. Consider a press release model; you may have a 'published' flag on the PressRelease model, so that a press release being prepared does not appear in the list of press releases on the site. The user uploads several images to include in the press release, the images have commercially sensitive information in them that you can only show after the release is published. Should someone be able to get lucky and guess the ids of photos that have not been included in a published release? > They'll end up with more than they need, but > it'll all be local, and it'd take them minutes to then just weed out the > photos - obscuring urls and using random ids just appears to be a waste > of time for public content. > It isn't obscuring the URI; it is making it non-predictable. There are many occasions where generating non-predictable URIs is essential, and assigning objects a UUID (also called a GUID) is extremely common, as it gives a way of uniquely identifying arbitrary items. Stuff like this seems pointless and arbitrary until it's not. Only the OP knows his needs; if he needs non-predictable URIs, he needs non-predictable URIs. Cheers Tom -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
