keichan34
commented
8 years ago Decided to not do this. Since these URLs should be put behind a CDN, authentication should be done at the CDN level, not this level. Since an ever-increasing expires_at parameter is not constant, it'll have a 0% cache hit rate.
An
expires_attimestamp that is embedded in the URL, so the link needs to be fresh. I'm not 100% decided on this yet, but I'm pretty sure I want it in my application, so it might be going in (or at least, some kind of customizable authentication -- not just anexpires_atparameter)