On Tue, Jun 29, 2010 at 1:01 PM, .M. <[email protected]> wrote: > > Thanks Erik. > > From a security perspective though this doesn't work - someone could > still guess the URLs to download files. And it's environment-wide. I > assume there's no quick way to limit this disabling of 'Download > links' to a particular user/group?
I am wondering - if the reasoning for not allowing the download link is security, allowing the HTML preview is a hole on security, since it's trivially easy to parse the HTML and get the original source file... Just a thought... -- You received this message because you are subscribed to the Google Groups "Trac Users" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/trac-users?hl=en.
