Categories
Developer Advisory WooCommerce Core

Approved Download Directories

We plan on including a new Approved Download Directories feature in WooCommerce 6.5 (scheduled for May 10) to give site owners additional control over product downloads. You may be particularly interested in this if you:

  • Maintain a theme, plugin, or service that integrates with product downloads.
  • Operate a site that sells downloadable products.

This advisory contains a brief synopsis of the change: full documentation is available here for those needing more detail.

The Details

We already provide several safety features concerning product downloads (for example, downloadable files must be of an allowed file type before they can be added to a product) and, with Approved Download Directories, we are making a further layer of protection available that will allow site owners to specify a set of trusted locations in which all downloadable files must be stored.

This screenshot shows the new UI that site administrators will be able to access in order to manage the list of trusted locations (it will be found in WooCommerce ▸ Settings ▸ Products ▸ Approved Download Directories).

Merchants might for example use this to ensure that downloadable files are always stored in locations to which they have full read/write access.

The feature is optional and can be enabled (or disabled) at any time. Our plan is to enable it out-of-the-box for new installations, starting with WooCommerce 6.5, but make it opt-in for existing stores that upgrade from earlier versions.

How can I tell if this affects me?

If you are a developer responsible for a plugin, theme or component that integrates with product downloads, or if you operate a site that sells downloadable products, you may wish to perform some additional testing to detect potential problems ahead of the 6.5 release.

What action should I take?

Consider testing the new feature in a staging or testing environment prior to May 10. The feature is already present in our trunk branch on GitHub, and we expect it will be included in the upcoming beta build (scheduled for April 19), too.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.