Hosting PDFs

I’ve never wanted to let people upload arbitrary files to the server - as soon as we give customers any kind of write access to the file system there are all sorts of security holes that we need to start caring about.

But we do let you upload images into the database, because they’re obviously an essential part of the web content for a show.

And after images, the single most requested “can we upload this file to the ticketing system somehow” is for PDF documents. So far, we’ve just said “No, we don’t host files, stick it on your website and link to it. If you haven’t got or can’t used a website, use dropbox.”

But I’m prepared to consider allowing the upload of PDFs (and only PDFs) into the database; there’s a limited security risk. We don’t have Adobe Reader on the servers, so even a PDF laden with malware isn’t going do much once it’s up there (if you upload a PDF laden with malware that is going to explicitly be your problem: I am not taking responsibility for virus scanning stuff you upload).

Who wants to be able to store PDF documents in the ticketing database, and link to them online, and attach them to confirmation emails?

  • Yes please!
  • Meh
  • Nope. I actively want you not to add this functionality.

0 voters

Do not ask for this functionality to be extended to Word Documents as refusal often offends.

This topic was automatically closed 41 days after the last reply. New replies are no longer allowed.