Closed naelshawwa closed 9 years ago
jayeb
commented
9 years ago We have a project called imgix-core-js that will provide the functionality you're looking for, but I don't recommend you use it in client-side applications. Generating secure URLs in the browser isn't really a great idea--it requires you to ship your key to a production environment where anyone can get at it, which kind of negates the idea of the URL being secure.
naelshawwa
commented
9 years ago Thanks @jayeb. I'm testing out imgix-core-js and I don't see how it secures the URL? I still see the "w=400&h=300" parameters in the URL. Can you point me to the docs that show how to hide them?
Thanks
jayeb
commented
9 years ago Can you do me a favor and shoot an email to support@imgix.com? I'll pick it up as soon as it comes in, I promise. For implementation discussions like these our ticket system is a much better tool than GitHub issues.
toobulkeh
commented
7 years ago I know this is an old issue, but one method to solve this problem would be to optionally allow specific query params to be ignored in the signing process -- that way we could sign a URL on our backend, provide it to the img ix-src attribute, and then let fluid do its thing.
In order to support both secure non-chaging url params and fluid, it would have to be a configuration setting on the admin dashboard -- to cover both use cases.
I'd like to use imgix in our app and generate secure urls so that users don't tamper with the image url. Maybe I missed it but I don't see anything about secure URLs on the client js library. I can see how we generate that on the admin side but I will need to generate them on the fly in the application.
Any ideas?