Forums

Basic Authentication & Static Files

If 'Password Protection' (aka Basic Authentication) is turned on, is there anyway static files can be served up without requiring basic Auth?

My app is contacting an external API (Shopify in this case) and when it uploads images, it just passes the URL of the image for Shopify to come and upload.

The app doesn't need complex security, so basic Password Protection is sufficient, but this currently means that files in the Static folder also result in a username/password challenge.

Is there anything I can do to avoid this (other than implementing an in-app login)?

You can use one web app to serve static files and another one that is password protected.