Skip to main content

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

DataObjectManager Module

Discuss the DataObjectManager module, and the related ImageGallery module.

Moderators: martimiz, UncleCheese, Sean, biapar, Willr, Ingo, swaiba, simon_w

SWFUpload and htaccess password protected site


3 Posts   2500 Views


17 October 2009 at 11:27pm Community Member, 70 Posts


I'm trying to let a client upload their images on a prototype version of their site that is blanket protected by htaccess in the root folder.

However SWFUpload fails with a 401 (not authorized), because it doesn't pass the logged in details.

Is there anyway for me to protect a site from access but still allow the admins to upload files?

I've tried only protecting the sapphire folder but it still fails.


18 October 2009 at 5:19am 4085 Posts

SWFUpload will not work with secure or password protected connections because the Flash request starts a new session. You need to make sure the upload_url, which I believe is /FileDataObjectManager_Controller/handleswfupload, is open to the public. You can get the exact url by setting SWFUploadConfig::debug(); and looking in the debug window.


19 October 2009 at 12:35am Community Member, 70 Posts

Thanks UncleCheese - I thought it'd be something to do with the Flash element (it has the same problem in Rails!).

Do you (or anyone) know how to turn off htaccess protection for a single folder when the whole site is protected?