This repository has been archived by the owner on Jul 13, 2023. It is now read-only.
-
-
Notifications
You must be signed in to change notification settings - Fork 2.4k
Hashing
pierce-h edited this page Sep 30, 2014
·
10 revisions
To secure your attachments by hiding the actual directory structure from prying eyes.
Paperclip does not use hashing when generating attachment paths, by default:
# Highlighting default options related
# to path/url generation and hashing
> Paperclip::Attachment.default_options
=> {
:hash_data=>":class/:attachment/:id/:style/:updated_at",
:hash_digest=>"SHA1",
:path=>":rails_root/public:url",
:url=>"/system/:class/:attachment/:id_partition/:style/:filename",
}
Add an initializer to modify this behavior:
# config/initializers/paperclip_defaults.rb
Paperclip::Attachment.default_options.update({
:path => ":class/:attachment/:hash/:style.:extension",
:hash_secret => ENV[RANDOM_SECRET]
})Adding the :hash interpolation to the path patters injects a has generated from the :hash_secret and :hash_data options.
Generate a :hash_secret using SecureRandom.base64(128) from a rails console to generate a relatively secure random string.
Once you've got that set up, defining attachments requires no modifications to get the new hashing behavior (except perhaps restarting your development server):
class Profile
has_attached_file :portrait
end