Upload Widget Response Signature
When uploading files using Cloudinary's Upload Widget successfully, the callback function receives an array containing all of the resources that were uploaded. Each resource object contains information about the resource, as well as a signature. I am forwarding this response to our server using an ajax request, and need to verify the signature on the server side.
Is the signature calculated differently for the upload widget response than it is for the post sent via the notification_url? When using the Cloudinary::Utils.api_sign_request method from the gem and passing all of the params (except the signature), the signature it generates does not match the one returned from the upload widget for the resource.
I'm wondering if the signature is calculated differently for the upload widget because generally, you don't want the api secret on the client side to verify the signature, but in this case, I am fowarding it to our server for verification.
-
Hi Alex,
The signature in the response JSON wasn't meant to be used for validation. This is the Signature that was generated behind the scenes to allow the upload process in the first place (verified by our servers).
0 -
So how are we able to verify the upload response?
0 -
@Chris Nolan
To verify the signature, all that would need to be done is to use the
public_id
and theversion
of the image retrieved from the upload response. I have referenced an example here using Ruby, but please let me know if you need it in another language.1 -
@Daniel Mendoza
Thank you, that works a treat.
0
Post is closed for comments.
Comments
4 comments