Perhaps they are worried about the same url being used to serve multiple files. Eg: example.php/download/invoice.pdf might be customer / order specific.
Right, I can see why the hash of the file would be important, but I can't see why they would include the plain text URL instead of a hash.
It would be interesting to have a hash of a file that could identify embedded data but exclude private data. For instance, for a Microsoft Office file it would include hashes of embedded binary assets but exclude the text of the document.
It would be interesting to have a hash of a file that could identify embedded data but exclude private data. For instance, for a Microsoft Office file it would include hashes of embedded binary assets but exclude the text of the document.