How to avoid people edit URL parameters to get high-resolution images

I am showing resized images on my website. How can I avoid people editing the URL to get to the high-resolution version? I’ve looked into signing the URLs, but it seems this limits the time these assets are available, which is not what I want, these images always need to be available to any website visitor, I just don’t want them to be able to get to the full resolution images.

Hi @Picto, I think there are two options here

  1. You can use signed URLs with a very long validity period (e.g., several years)
  2. You can “bake” image processing operations by saving a processed image version as a separate file. You can do this using the REST API local_copy operation
curl --request POST \
  --url \
  --header 'Accept: application/vnd.uploadcare-v0.7+json' \
  --header 'Authorization: Uploadcare.Simple demopublickey:demosecretkey' \
  --header 'content-type: multipart/form-data' \
  --form source=3ca82d0e-3b7c-4d2d-ab56-03328b01e117/-/resize/300x/

Alternatively, you can use the from_url upload method

curl --request POST \
  --url \
  --header 'content-type: multipart/form-data' \
  --form pub_key=demopublickey \
  --form source_url=

I’m just wondering why you need to prevent users from accessing the original image. Could you tell me a little bit more about that?

Use cases:

  1. Stock photos where you show a smaller preview + watermark, but people need to pay to get the high-res version.
  2. Photography website where you want to show your clients a preview, but they need to pay first before getting the high-res version.
  3. Or the other way around, you upload a stock photo for your design, but don’t want others to retrieve the high-res version of the image you paid for.

Thanks! That makes sense. The above methods should work just fine for these scenarios.

1 Like