Ask A Question


You’re not receiving notifications from this thread.

Using Activestorage how do I restrict a file that can only be accessed through links and not outside the website?

PDG+creative asked in Rails

So if you copy the link of the rails blob and paste it ( incognito ) it basically downloads the file how is this remedied?


so if the link would be


how can I restrict a person from just using that link outside of the website?

I'd paypal $50 for the answer!


I think you can restrict the access by creating another controller route, which dynamically return data depending on request.referer.

So for example, you'd have DownloadsController with a users_csv action. You can then do

if URI(request.referer).host == ''
  send_data ...
  render json: { errors: ['Permission Denied'] }, status: 403
Join the discussion
Create an account Log in

Want to stay up-to-date with Ruby on Rails?

Join 82,969+ developers who get early access to new tutorials, screencasts, articles, and more.

    We care about the protection of your data. Read our Privacy Policy.