url caches

[CyrilSabbagh]

Hi, There seems to be a problem with generation several links (with different transformation) on the same image (public_id). This is because they are stored in some cache variables (e.g: _private_urls). What i'm doing right now is emptying the cache manually before I render any image but I guess this is not the best solution. Is there any other way to solve this issue?

Maybe trying to add the transformation to the key for each item stored in the cache! Let me know what do you think. Cheers

[Lepozepo]

I hadn't thought about that but it's totally true. The reason I have them stored is to make sure they don't overflow the server with requests (since the image is signed). I just got a really good idea though! The signature only needs to be calculated when api keys and secrets change. You could instead build another similar helper that uses a stored signature to avoid hitting your server every time for the same signature. Storage of the signature could be done on the helper too, just need to break it apart a bit.

[CyrilSabbagh]

It is a good idea but wouldn't we just loose the security concept of the signature if we expose it to the client?

[Lepozepo]

The only way to get real security from Cloudinary (sadly) is by purchasing their advanced plan so that only your site can make requests to their server. From my understanding, what really protects the image in the free tiers is adding a watermark to your images and serving that image with a signature. Then the original is fully private until you generate an expiring download URL.