public function FileEntity::getDownloadToken in File Entity (fieldable files) 8.2
Generates a token to protect a file download URL.
This prevents unauthorized crawling of all file download URLs since the {file_managed}.fid column is an auto-incrementing serial field and is easy to guess or attempt many at once. This can be costly both in CPU time and bandwidth.
Return value
string An eight-character token which can be used to protect file downloads against denial-of-service attacks.
See also
image_style_path_token()
1 call to FileEntity::getDownloadToken()
- FileEntity::downloadUrl in src/
Entity/ FileEntity.php - Returns a Url for a file download.
File
- src/
Entity/ FileEntity.php, line 471
Class
- FileEntity
- Replace for the core file entity class.
Namespace
Drupal\file_entity\EntityCode
public function getDownloadToken() {
// Return the first eight characters.
return substr(Crypt::hmacBase64("file/{$this->id()}/download:" . $this
->getFileUri(), \Drupal::service('private_key')
->get() . Settings::getHashSalt()), 0, 8);
}