What is SecureFileStore?
SecureFileStore (prev. SecureImages) solves a general security vulnerability of MediaWikis. Pictures and ducumments could be found with search engines like google.
Functions of SecureFileStore
- SecureFileStore delivers the files in the images directory. Direct access to the file is no longer allowed.
- A php script checks in the last step before delivery of a file, if read permission exists for this file and refuses the output if necessary.
- If the SecureFileStore extension is active, SecureStore will only redirect it if authorized. Otherwise, an error 403 Forbidden is output.
- A whitelist array can be used to specify which files are generally available for download, eg images. So you can make the images available to all and files only for specific groups.
- In a DefaultDisposition-String you can set whether files are displayed in the browser by default (inline) or opened with an external application (attachment).
- In a DispositionInline-Array can be set which files are always provided for viewing in the browser.
- In a DispositionAttachment array you can set which files are always opened with external application.
The Wiki-Admin can use following preferences:
- DefaultDisposition: String which determinates whether data will be shown in the browser by default (Inline) or if it has to be opened with an external program (Attachment).
- DispositionInline: Combobox with multiple selections; list of file extensions for files which are allowed to be accessed in the browser but are not at disposal of download (Inline).
- DispositionAttachment: Combobox with multiple selectors; list of file extensions for files, which are only accessible from external programs (Attachment).
- FileExtensionWhitelist: Combobox with multiple selectors; list of file extensions for files which should be displayed, regardless of the permissions.
Our reference page.