Error
The recent setting 'Disable Predictable Ids' is welcome as it prevents unsecured images and files from being 'harvested', and almost eliminated the risk or our own users 'finding' files, profile pictures and avatars by sequential Id and the perception of security risk.
It also adds a layer of protection for documents that were saved as unsecured or with fewer restrictions than appropriate from being discovered.
We have turned on the new setting 'Disable Predicable ID' and appreciate the new Hash reference for Ids, especially on the public site.
However the room management plugin still references images by Id throughout, as well as some of our workflows.
To manage the transition away from predictable id's, it would be helpful to have an additional setting to allow the file handlers GetImage and GetFile to still accept file Ids.
This would hide the ability to retrieve files by Id from most users. We would also be able to filter those requests at the firewall level to ensure that they are only from internal users, preventing harvesting and 'accidental' discovery of documents and images.
Cultivate your ideas for maximum impact with these helpful submission tips that will increase the chances of your brilliant concepts becoming reality.