Question regarding security of file storage

CHEONG_YEW_HOONG · October 8, 2022, 1:57am

Hi,

I just started to use file storage features from backendless. However, i have a concern regarding the security. For example, the link of my pdf file is:

https://backendless_domain/api_key/file/A.pdf.

Then user should able to load the PDF file in web browser.

If user type https://backendless_domain/api_key/file/, the web browser will show all the files available in that directory in jSON format which is not meant to access by unauthorised user. Is it anyway to solve this?

Marina.Kan · October 10, 2022, 6:30am

Hi, @CHEONG_YEW_HOONG

You need to set file permissions so that NotAuthenticatedUser or someone else cannot read the files or access the directory. Here are some links where you can read more about file security in Backendless:

Files Security - Backendless REST API Documentation

Global Permissions - Backendless REST API Documentation (global info about permissions)

Regards,
Marina