I am showing resized images on my website. How can I avoid people editing the URL to get to the high-resolution version? I’ve looked into signing the URLs, but it seems this limits the time these assets are available, which is not what I want, these images always need to be available to any website visitor, I just don’t want them to be able to get to the full resolution images.
Hi @Picto, I think there are two options here
- You can use signed URLs with a very long validity period (e.g., several years)
- You can “bake” image processing operations by saving a processed image version as a separate file. You can do this using the REST API local_copy operation
curl --request POST \ --url https://api.uploadcare.com/files/local_copy/ \ --header 'Accept: application/vnd.uploadcare-v0.7+json' \ --header 'Authorization: Uploadcare.Simple demopublickey:demosecretkey' \ --header 'content-type: multipart/form-data' \ --form source=3ca82d0e-3b7c-4d2d-ab56-03328b01e117/-/resize/300x/
Alternatively, you can use the from_url upload method
curl --request POST \ --url https://upload.uploadcare.com/from_url/ \ --header 'content-type: multipart/form-data' \ --form pub_key=demopublickey \ --form source_url=https://ucarecdn.com/3ca82d0e-3b7c-4d2d-ab56-03328b01e117/-/resize/300x/
I’m just wondering why you need to prevent users from accessing the original image. Could you tell me a little bit more about that?
- Stock photos where you show a smaller preview + watermark, but people need to pay to get the high-res version.
- Photography website where you want to show your clients a preview, but they need to pay first before getting the high-res version.
- Or the other way around, you upload a stock photo for your design, but don’t want others to retrieve the high-res version of the image you paid for.
Thanks! That makes sense. The above methods should work just fine for these scenarios.