cshum / imagor

Fast, secure image processing server and Go library, using libvips
Apache License 2.0

Feature Request: Header Auth Support? #427

Closed Sugarlessmuffins closed 7 months ago

Sugarlessmuffins commented 8 months ago

Is it possible to add "Authorization" Header on the image?

What I mean is a header for image output from imagor. It is to prevent the image from getting stolen.

cshum commented 8 months ago

Perhaps you can try the expire(timestamp) filter, alongside with URL signature?
https://github.com/cshum/imagor?tab=readme-ov-file#utility-filters https://github.com/cshum/imagor?tab=readme-ov-file#url-signature
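
As an added example (not part of the thread and not imagor's own code), a signed URL carrying the `expire` filter suggested above could be generated like this in Go. It assumes the default HMAC-SHA1 signer with URL-safe base64 and that `expire` takes a Unix timestamp in milliseconds, per the README sections linked above; the secret, image host and the `Verify` helper are hypothetical.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha1"
	"encoding/base64"
	"errors"
	"fmt"
	"strings"
	"time"
)

// SignPath returns the URL-safe base64 HMAC-SHA1 of an imagor path
// (assumed default signer; the secret must match the server's IMAGOR_SECRET).
func SignPath(path, secret string) string {
	mac := hmac.New(sha1.New, []byte(secret))
	mac.Write([]byte(strings.TrimPrefix(path, "/")))
	return base64.URLEncoding.EncodeToString(mac.Sum(nil))
}

// ExpiringPath builds /{signature}/{ops}/filters:expire({ms})/{image}.
// ops must be non-empty, e.g. "500x500"; expire takes Unix milliseconds (assumed).
func ExpiringPath(ops, image, secret string, expiresAt time.Time) string {
	path := fmt.Sprintf("%s/filters:expire(%d)/%s", ops, expiresAt.UnixMilli(), image)
	return "/" + SignPath(path, secret) + "/" + path
}

// Verify is a local stand-in for the server's checks (not imagor's code): signature, then expiry.
func Verify(signed, secret string, now time.Time) error {
	sig, path, ok := strings.Cut(strings.TrimPrefix(signed, "/"), "/")
	if !ok || !hmac.Equal([]byte(sig), []byte(SignPath(path, secret))) {
		return errors.New("signature mismatch")
	}
	var ms int64
	_, rest, _ := strings.Cut(path, "expire(")
	if _, err := fmt.Sscanf(rest, "%d", &ms); err != nil {
		return errors.New("no expire filter")
	}
	if now.After(time.UnixMilli(ms)) {
		return errors.New("expired")
	}
	return nil
}

func main() {
	// Constructed sample values: secret, image host and size are placeholders.
	p := ExpiringPath("500x500", "example.com/a.jpg", "mysecret", time.Now().Add(time.Hour))
	fmt.Println(p, Verify(p, "mysecret", time.Now()))
}
```

Because the timestamp is part of the signed path, a client that edits the `expire` value invalidates the signature, so the link cannot be extended without the secret.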

AlekseyArh commented 8 months ago

> Is it possible to add "Authorization" Header on the image?
>
> What I mean is a header for image output from imagor. It is to prevent the image from getting stolen.

You can use nginx as one of the options.

server {

    listen 80;
    listen [::]:80;
    server_name img.example.com;

    location / {
        if ($http_authorization != "Bearer 1234") {
            return 401;
        }
        proxy_pass http://imagor;
    }

}

# curl -I 'http://img.example.com/{...}/test.jpg'
HTTP/1.1 401 Unauthorized
# curl --header "Authorization: Bearer 1234" -I 'http://img.example.com/{...}/test.jpg'
HTTP/1.1 200 OK

Additionally, you can block by referer.

server {

    listen 80;
    listen [::]:80;
    server_name img.example.com;

    location / {
        if ($http_authorization != "Bearer 1234") {
            return 401;
        }
        valid_referers server_names ~(example\.com|test\.com);
        if ($invalid_referer) {
            return 403;
        }
        proxy_pass http://imagor;
    }

}

# curl --header "Authorization: Bearer 1234" -I 'http://img.example.com/{...}/test.jpg'
HTTP/1.1 403 Forbidden
# curl --header "Authorization: Bearer 1234" -I 'http://img.example.com/{...}/test.jpg' --header "referer:http://example.com"
HTTP/1.1 200 OK