Forem Creators and Builders

Discussion on: is Forem protected against hot-linking of images?

Collapse
xnbox profile image
Alexander

I think the following hook could be used here:

  • When uploading a file, associate its link on the hosting service with the user's ID.
  • Before publishing a post, you can automatically delete all files that are not linked to in that post.

I'm not sure if this functionality is missing in FOREM. But if not, it would probably be a good idea to open a feature request.

Have a nice day!

Collapse
ben profile image
Ben Halpern

Yes, we've discussed this. Hasn't been implemented.

Images like this could be manually removed to prevent a certain type of abuse.

Collapse
9comindia profile image
9comindia Author

@ben hmm.. did this kind of attack ever happened on dev.to?

Thread Thread
ben profile image
Ben Halpern

It has not. I suspect there are easier, more automatable attack vectors than this, but of course, that doesn't mean we shouldn't build in the fix.

Thread Thread
9comindia profile image
9comindia Author

Good that the world has been good till now.
Other attacks mean.. are you referring to DdoS(Distributed denial of Service)?