Vulnerability in EPiServer.Forms

Try our conversational search powered by Generative AI!

AI OnAI Off

Form uploaded images accessible when not logged in?

neworigin
neworigin
Vote:
 

Hi there,

I am trying to allow users to upload images for display on another page using a form in the CMS. When using an Image upload field, it stores the images at a path like:

domain.com/contentassets/dd6e2cd0fd476e46a7db0d0c32d89275/uploaded-files/example123_500_54545454545.jpg

However, when I try and use this path on a page, I am prompted to log in to the CMS. Is there a way to allow uploaded images to be accessibile publicly?

#305403
Edited, Jul 19, 2023 16:38
Paul McGann (Netcel)
Paul McGann (Netcel)
Vote:
 

Hi New Origin,

Is content assets a folder in your media library?

Without access to your cms I would check you access rights though the cms admin.

Thanks

Paul

#305404
Jul 19, 2023 17:28
Daniel Isaacs
Daniel Isaacs
Vote:
 

Tomas's blog post is a couple years old, but I think this approach should still work:

https://www.gulla.net/en/blog/episerver-forms-public-access-to-uploaded-files/

#305406
Jul 19, 2023 20:31
neworigin
neworigin
Vote:
 

Thanks for the link Daniel. That worked perfectly!

#305449
Jul 20, 2023 13:37
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.