My link show only part of the url, but Imho there is no solution to keep things safe on the client side, even with a simple "/download/ID_IMAGE" a malicious user can easily rebuild the protected link, the best approach in SPA application is to send encrypted username and password for every type of request.
Il giorno martedì 15 aprile 2014 04:39:36 UTC+2, Michel Morelli ha scritto: > > > Il giorno 14/apr/2014, alle ore 21:01, Smart Cris > <[email protected]<javascript:>> > ha scritto: > > Thx for the suggestion, a simple <a ng-href="{{file}}" > target="_self"></A> did the job without even touching the headers. > > > In this way your file is accessible to unauthorized users. They need to > know only the “file” url. > Or your {{file}} is something like "/download/ID_IMAGE” ? > > M. > -- > Davide Morelli > [email protected] <javascript:> > > > > > -- You received this message because you are subscribed to the Google Groups "AngularJS" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/angular. For more options, visit https://groups.google.com/d/optout.
