File security & Custom column encryption

[facuparedes]

Hi!
I have a File column and a "Text"'s string column. I would like to know if there is an option to encrypt my Text column (Just like Parse with User's password column).
Also, files stored on Parse are unsecured. Anybody with file's url can access and download it. I know that Parse-Server team won't work on the file's securing. So, do you know another way to do it?

Greetings!

[RodrigoSMarques]

Hi @FNPCMDs
use some Dart encryption lib to encrypt the text
https://pub.dev/packages?q=encripty

In Parse Server 4.3.0 Version:
Add file bucket encryption using fileKey
parse-community/parse-server#6765

How could anyone identify the file's URL?

[facuparedes]

Hi @FNPCMDs
use some Dart encryption lib to encrypt the text
https://pub.dev/packages?q=encripty

In Parse Server 4.3.0 Version:
Add file bucket encryption using fileKey
parse-community/parse-server#6765

How could anyone identify the file's URL?

Hi!
You can use a Proxy to intercept any request (and also modify it). So, if a user is doing that, they can get file url, isn't he? Then, they can download file from file's url. e.g: https://parsefiles.back4app.com/79FENPzYezM8p1Oeg6JHebwBkh7cbVZ4bsc2mgLV/ccf1b1e4c966cde4f501becfbcad471c_test.txt

[RodrigoSMarques]

I never did a test, but I believe that SSL (https) connections cannot be intercepted, otherwise it would not be safe for any type of transaction, including banking.

[facuparedes]

I never did a test, but I believe that SSL (https) connections cannot be intercepted, otherwise it would not be safe for any type of transaction, including banking.

I think you're right. However I'm going to try that. If I can find something, I'm going to post here.