I can change ?width= to any value
causing it to be resized each time
even if you have caching implemented
if I change width, the cache won't be used
this is an ideal case for DoS
cheap request, expensive response
just plugging the imgproxy might be easier than reimplementing these signed urls
there is a node.js package with conveniant API for generating and signing imgproxy urls
https://github.com/unitedwardrobe/imgproxy-node
As Matt pointed out:
He proposed this as a solution: https://docs.imgproxy.net/#/signing_the_url