Re: restrict downloading files based on user-permission

I'm guessing that your original problem was that HTTP headers can only
contain ASCII characters. To have a UTF-8 encoded name, you should use
percent-encoding. I'm using this code on production site:

quoted_name = urllib.quote(file.name.encode('utf-8'))
response['Content-Disposition'] = 'attachment; filename=%s' % quoted_name

and it works perfectly with any unicode name.

> On 21 Nov., 16:31, patrickk <sehmasch...@gmail.com> wrote:
>> I need to serve media-files uploaded by users, but only the user who
>> uploaded a file should be able to download that file again. therefore,
>> I need to check whether the currently logged-in user is the creator of
>> that file (ok, that´s easy with using a view).
>>
>> – of course, serving the media-file via django is not an option.
>> – downloading the file (changing the response-header) is not an option
>> either since we need to use utf-8 filenames (same goes for xsendfile).
>>
>> any ideas on how to achieve this? btw, we´re using mod_wsgi.
>>
>> thanks,
>> patrick
>
> --
> You received this message because you are subscribed to the Google Groups "Django users" group.
> To post to this group, send email to django-users@googlegroups.com.
> To unsubscribe from this group, send email to django-users+unsubscribe@googlegroups.com.
> For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
>
>

--
Łukasz Rekucki

--
You received this message because you are subscribed to the Google Groups "Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to django-users+unsubscribe@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/django-users?hl=en.