zenphoto forums » General Zenphoto Discussion

RSS Headache and Possible Security Hole

(5 posts)

Tags:

  1. lkjs

    Senior
    Joined: Apr '11
    Posts: 55

    1) Watermarks are completely circumvented via RSS. There is a direct link to the full sized jpg files without image compression. It looks like this in firefox:

    Media files
    http://www.mydomain.com/zenphoto/my-amazing-artwork.jpg (JPEG Picture, 8.4 MB)

    I tried what I could but cannot figure out how to stop it form writing this in the RSS feed. Perhaps there is a simple way to stop this in htaccess? The media toggle doesn't seem to work either.

    I'm using 1.4.0.3 and soon to be upgrading because of the hack attacks.

    Posted 1 year ago #

  2. lkjs

    Senior
    Joined: Apr '11
    Posts: 55

    Solution: Purge RSS cache and the toggle in the settings work. I confused myself I guess tired.

    Leaving this up so anyone who has the same problem can find the answer. This should probably default as off.

    Posted 1 year ago #

  3. Zenphoto development team
    acrylian

    Developer
    Joined: Jul '07
    Posts: 13,357

    We generally think that a rss cache is a good idea as it will lower the workload for the server if you have lots of subscribers.

    Don't forget to read the Forum rules and usage resources
    Posted 1 year ago #

  4. lkjs

    Senior
    Joined: Apr '11
    Posts: 55

    Agree, it just didn't show up and by default the media direct links are left enabled. This is a hole to get the full sized files without the watermarks.

    Everything fine now, perhaps they should default as unchecked in future.

    Do you know if there is any good way to merge the gallery and and blog feeds as one for technorati with zenpage? Looks like it would need some customising. Thinking how best to tackle it.

    Posted 1 year ago #

  5. Zenphoto development team
    acrylian

    Developer
    Joined: Jul '07
    Posts: 13,357

    About merging see my response on the other thread. We will look into the watermark thing. Best you file a ticket that we don't forget in this current busy time...

    Don't forget to read the Forum rules and usage resources
    Posted 1 year ago #

RSS feed for this topic

Reply

You must log in to post.