I am showing resized images on my website. How can I avoid people editing the URL to get to the high-resolution version? I’ve looked into signing the URLs, but it seems this limits the time these assets are available, which is not what I want, these images always need to be available to any website visitor, I just don’t want them to be able to get to the full resolution images.
Hi @Picto, I think there are two options here
- You can use signed URLs with a very long validity period (e.g., several years)
- You can “bake” image processing operations by saving a processed image version as a separate file. You can do this using the REST API local_copy operation
curl --request POST \
--url https://api.uploadcare.com/files/local_copy/ \
--header 'Accept: application/vnd.uploadcare-v0.7+json' \
--header 'Authorization: Uploadcare.Simple demopublickey:demosecretkey' \
--header 'content-type: multipart/form-data' \
--form source=3ca82d0e-3b7c-4d2d-ab56-03328b01e117/-/resize/300x/
Alternatively, you can use the from_url upload method
curl --request POST \
--url https://upload.uploadcare.com/from_url/ \
--header 'content-type: multipart/form-data' \
--form pub_key=demopublickey \
--form source_url=https://ucarecdn.com/3ca82d0e-3b7c-4d2d-ab56-03328b01e117/-/resize/300x/
I’m just wondering why you need to prevent users from accessing the original image. Could you tell me a little bit more about that?
Use cases:
- Stock photos where you show a smaller preview + watermark, but people need to pay to get the high-res version.
- Photography website where you want to show your clients a preview, but they need to pay first before getting the high-res version.
- Or the other way around, you upload a stock photo for your design, but don’t want others to retrieve the high-res version of the image you paid for.
Thanks! That makes sense. The above methods should work just fine for these scenarios.
1 Like