diff --git a/app/controllers/attachments_controller.rb b/app/controllers/attachments_controller.rb index 6edd2a8c8..66b9a282d 100644 --- a/app/controllers/attachments_controller.rb +++ b/app/controllers/attachments_controller.rb @@ -21,7 +21,7 @@ class AttachmentsController < ApplicationController before_filter :delete_authorize, :only => :destroy before_filter :authorize_global, :only => :upload - before_filter :require_login, only: [:download] + before_filter :login_without_softapplication, only: [:download] accept_api_auth :show, :download, :upload @@ -207,4 +207,9 @@ private end content_type.to_s end + + def login_without_softapplication + referer = request.headers["Referer"] + require_login unless referer =~ /softapplication/ + end end