The old school method for sending an image that lives outside of the webroot to the browser was to use CFCONTENT
getImage.cfm
`
`
and in the IMG tag:
<img src="getImage.cfm?GUID=#metaData.GUID#"
So would this work in Coldbox? If I set the path to the image in the RC, doesn’t this get exposed to the public?
Any help is appreciated.
Thank you.
-Chris
I’m not sure if I understand the question. That method would be just as secure (or insecure) regardless of whether ColdBox is in use. The rc starts as a combination of the FORM and URL variables, but any values you place in it will not be immediately accessible to your end users.
Thanks!
~Brad
ColdBox Platform Evangelist
Ortus Solutions, Corp
E-mail: brad@coldbox.org
ColdBox Platform: http://www.coldbox.org
Blog: http://www.codersrevolution.com
I’m trying to avoid the path being exposed in the browser’s “View Source” in the src attribute of the IMG tag. The non-coldbox way just shows the link to the getImage.cfm template. I’m trying to port this over to a Coldbox app. Current code is below:
`
`
getImage.cfm
`
<cfset DocCFC = createObject(“component”, “FolderByGUID”)>
<cfset FilePath = DocCFC.getGUIDPath("#url.GUID#") />
`
Any help is appreciated.
Thank you.
-Chris
The “ColdBox way” isn’t going to show any more information than the non ColdBox way. It would just be an event Handler instead of a .cfm file.
<cfset imagePath= event.buildLink(“content.download”) & “/metadata.GUID”>
Which would render something like this in the source code.:
ColdBox doesn’t change how you obfuscate the files, it just provides a framework for organizing your code and your URLs.
Thanks!
~Brad
ColdBox Platform Evangelist
Ortus Solutions, Corp
E-mail: brad@coldbox.org
ColdBox Platform: http://www.coldbox.org
Blog: http://www.codersrevolution.com