Cloudinary's add-on packages are limited by quotas so to avoid abuse to your account, the request URL must be signed when generating a new transformation that involves add-ons.
For example (JPEGmini):
http://cloudinary.com/documentation/jpegmini_image_compression_addon#signed_urls
If all required transformations are known in advance, it's also possible to pre-generate it during upload, using eager transformations. This way those images will be accessible without signing the URLs.
For example (JPEGmini):
http://cloudinary.com/documentation/jpegmini_image_compression_addon#eager_transformations
Note: You can optionally remove the default signed URL requirement for a particular add-on by selecting it in the Allow unsigned add-on transformations section of the Security page of the Console Settings.
Comments
2 comments
We love the ad-hoc transformation system, as we have a growing set of clients all using more image sizes than we can predicate in advance, despite the fact they will largely use the same effects, etc.
Is it fair to say that there is no good way to both leverage the awesome, ad-hoc sizing and also take advantage of pre-decided, but definitely add-on effects, without providing signature every time?
Our own (untrusted) clients must make a round trip to our own server for every signature, so it feels a little impractical to do this every time we need a new image size. However, could you point me to a reference on how long a client might safely cache and re-use a signature to reduce this overhead, and thus take advantage of advanced add-ons (and also avoid abuse)?
Hi Jesse,
Actually this kind of signature never expires. Furthermore, it's only necessary for the first processing of every new derived image.
As mention above, this is a safety mean to protect your quotas. any option to bypass it with a client-side code will compromise your limits (those are hard-limits) and therefore your Production.
Feel free to contact our support if Ajax calls for the signature are too "expensive" for your use-case, and we'll try to find another solution.
Please sign in to leave a comment.