Jump to content

[SOLVED] $config->pagefileSecure has no affect on trashed pages


Recommended Posts


on PW v3.0.229 when setting $config->pagefileSecure, files (PDF inmy case) are still offered for download, even if the pages for those files reside in the trash.

Can anyone confirm that behaviour?

IMO assets of trashed pages should not be publicly available and $config->pagefileSecure should take care of that like it does for unpublished pages.

Many editors without superuser priviliges aren't even aware of pages in the trash, unless we allow them to see the trash. So they would think that a trashed page is gone for good. In my case I now made the trash visible to those editors. But I also needed to instruct them to unpublish pages before moving them to the trash or delete them from the trash in order to make the files not appear publicly anymore 

  • Like 2
Link to comment
Share on other sites

  • gebeer changed the title to [SOLVED] $config->pagefileSecure has no affect on trashed pages

Problem solved. Ryan mentioned in the issue report that only files are protected that are uploaded after the $config->pagefileSecure setting is in place.

I was not aware of that and I couldn't find that requirement documented anywhere when doing a search prior to posting this issue. Done a search again which pulled up this forum thread   

I suggest to add that information to the entry for `$config->pagefileSecure` at  https://processwire.com/api/ref/config/   

  • Like 1
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...