I am using a custom module to sell access to download files from my site. Once purchased, the file field becomes available to the user.

The issue is that when the user hovers the download link, the URL path is clearly made available in the bottom of the browser window. I just want to be able to hide that link. I have seen other sites that mask this with something like http://sitename.com/# and still begin download normally, or open a modal/lightbox and download from there. I am open to the simplest solution to simply hide that path so it cannot be copied to clipboard or seen in the browser window.

Comments

Jaypan’s picture

You want to use the private file system in Drupal, instead of public. When doing this, files are served by the system, rather than directly accessed by the browser.

drummondf’s picture

I am currently doing that, but the file path, although masked from the actual path, is still accessible when copied and downloads the file. For example, when I copy that path into another browser window, it still starts the download.

So how can I hide that file path entirely?

Ask me about marketing

VM’s picture

you can't simply hide a path. browsers need to know where the file is thus HTML would still reveal the path.

you will need to investigate already existing modules or write custom code to limit downloads. My guess is that the reason access to the download is granted in another windows is because the session is still active. Private download system stops anon users from accessing the files in a private file system.

Jaypan’s picture

I am currently doing that, but the file path, although masked from the actual path, is still accessible when copied and downloads the file. For example, when I copy that path into another browser window, it still starts the download.

So how can I hide that file path entirely?

You don't need to. When using the private file system you can control access to files. You will need to implement hook_file_download(), and potentially hook_file_download_access() in a module, but these will allow you to determine whether or not the file can be accessed through that path. So for example, you could allow access to the file a single time, but deny it on the second access onwards. Or you could allow access for 24 hours. You can also decide who has access. The point is, it doesn't matter whether or not they can see the path, because you can set the system to determine whether or not they can access the file through that path.

It's impossible to actually hide the path. Think of it as telling the taxi driver 'I need you to take me to this place, but I can't tell you the address'.

drummondf’s picture

I had no idea! In that case, how would one go about building a module to provide access to only those who have purchased access to a filefield? I assume I would need to use the flag from the purchase as an identifier and use a module such as https://www.drupal.org/project/file_access to provide the file access?

Would you be available to help me build this module as a paid service?

Ask me about marketing

Jaypan’s picture

Send me a message through my contact form, and we can talk.

yelvington’s picture

This wheel is already invented... look into the Commerce File module as an example.