using the magicks I worked on for the compatibility stuff, I will build a simple plugin that will enable full security for attachments, while still allowing direct access via apache URL for speed -

basic premise - OnSave? update a web's .htaccess file to denyaccess to any file in a non-guest topic

then add ErrorDocument 401 /foswiki/bin/viewfile

tada.

-- SvenDowideit - 18 Dec 2008

The copyright of the content on this website is held by the contributing authors, except where stated elsewhere. see CopyrightStatement. Creative Commons LicenseGet Foswiki at sourceforge.net. Fast, secure and Free Open Source software downloads