Thank you for the clarification Daniel. On Wed, Sep 7, 2016 at 5:04 PM, Daniel Gultsch <[email protected]> wrote:
> Hi, > > you can implement upload access control in two ways. First of all the PUT > URL can differ from the GET URL. Thus the PUT Url can be kept secret. You > can put 'tokens' into the filepath of the URL itself. For example > https://server.tld/somegeneretadsecret/foo.png. On top of that you can > make those URLs write once. This is what most current implementations of > HTTP Upload do. > > cheers > Daniel > > 2016-09-07 12:05 GMT+02:00 vaibhav singh <[email protected]>: > >> Hi all, >> >> I was reading up on XEP-0363: HTTP File Upload and am not able to make >> sense of some things referenced in the XEP. >> >> 1.) Is the PUT URL being sent to the Receiver the final PUT URL to be >> used for uploading the file, or can it be modified by the Receiver, which >> can then construct the final GET URL, the URL where the file is located? >> This question crept up because I could not see any way of using file >> upload services like Google Drive or Dropbox, essentially services which >> require some kind of access control. >> >> 2.) If the PUT URL cannot be modified by the Receiver, what do you >> suggest can be done to use services with access control? With whom should >> the burden of access control lie in this case? >> >> 3) If the XEP can be used only for non-access controlled HTTP servers, >> how is it any different from say, using XEP-215 (External Service Disovery) >> and getting access to the HTTP servers that way? >> >> 4) I saw somewhere that Conversations client has already implemented the >> XEP. Are they using non-access controlled HTTP or WebDAV servers to upload >> the files? >> >> I really feel that the XEP could be expanded to include services which >> require access control, but am not sure how to proceed with it. any help >> would be really appreciated. >> >> -- >> >> Regards, >> Vaibhav Singh >> >> _______________________________________________ >> Standards mailing list >> Info: https://mail.jabber.org/mailman/listinfo/standards >> Unsubscribe: [email protected] >> _______________________________________________ >> >> > > _______________________________________________ > Standards mailing list > Info: https://mail.jabber.org/mailman/listinfo/standards > Unsubscribe: [email protected] > _______________________________________________ > > -- Regards, Vaibhav Singh
_______________________________________________ Standards mailing list Info: https://mail.jabber.org/mailman/listinfo/standards Unsubscribe: [email protected] _______________________________________________
