如何从rails应用程序下载文件

本文介绍了如何从rails应用程序下载文件的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！ 问题描述 我似乎找不到一个简单明了的答案，任何地方这个问题！一切似乎过时或不完整！

我只是希望用户能够点击链接或按钮并下载文件（这是公共文件夹中的某个地方）

我尝试过：

#view < ;％= link_to原始爆炸输出，：action => ：下载，：file_name => public / data / 02_blastout /＃{@ bl_file}％> #controller def下载 send_file＃{RAILS_ROOT} /＃{params [：file_name]} end

但是我收到这个错误：

：action =>download，：file_name =>public / data / 02_blastout / input0.fa_x_Glyma1aaunq.bl，：controller =>cvits} pre>

感谢您的帮助!!

解决方案

不要使用用户设置的参数 send_file 。这打开了一个巨大的安全漏洞，允许用户访问您的应用程序可读的任何文件（即整个应用程序，也可能是文件系统上的其他文件）。

相反，如果该文件是公开的，请链接到该文件本身。在你的情况下：

<％= link_to原始爆炸输出，/ data / 02_blastout /＃{@ bl_file} ％>

不需要特殊的控制器操作。

I can't seem to find a simple and clear answer to this problem anywhere! Everything seems either outdated or incomplete!

I just want the user to be able to click on a link or button and download a file (that is somewhere in the public folder)

I tried this:

#view <%= link_to "Raw blast output" ,:action => :download, :file_name => "public/data/02_blastout/#{@bl_file}" %> #controller def download send_file "#{RAILS_ROOT}/#{params[:file_name]}" end

but I get this error:

No route matches {:action=>"download", :file_name=>"public/data/02_blastout/input0.fa_x_Glyma1aaunq.bl", :controller=>"cvits"}

Thanks for the help!!

解决方案

Don't use send_file with a parameter set by a user. This opens up a massive security hole, allowing a user to access any file that is readable by your application (namely, your entire application, but also possibly other files on the filesystem).

Rather, if the file is under public, link to the file itself. In your case:

<%= link_to "Raw blast output", "/data/02_blastout/#{@bl_file}" %>

No need for a special controller action.