Also redirect to it for download, for Amazon S3
Prior to this patch an attacker could obtain an
users export by guessing the filename with a high
chance of success. Fully authenticating the
download request is a lot harder due to our diverse
This brings the used method in line with the photo
Thanks to @tomekr for the report.