localhost development with restricted fetch/referral domains

Comments

3 comments

  • Avatar
    Roee Ben Ari

    Hi Chris, 

    I assume you're referring to the 'Allowed fetch domains' setting? if so, note that this setting is meant to restrict the fetched URLs domains and not the domains that make the request (e.g., localhost). 

    When uploading a resource using remote-upload/fetch, in cases where firewalls are present (as in local dev environments), the origin/destination server needs to authorize (whitelist) the IPs from which requests are sent by Cloudinary.

    Normally these requests are processed by a bundle of servers, using dynamic IPs that cannot be whitelisted in advance and therefore may be blocked by the firewall. This can be solved by configuring your account to use certain web proxies that have fixed IPs (this service is available starting the Advanced plan).

    If you're interested in this service, please open a support ticket and let's continue the discussion from there?

    0
    Comment actions Permalink
  • Avatar
    CTR

    So, we can not restrict what domains fetch the assets? There is no way to Access-Control-Allow-Origin an asset to a production domain? So there is no way to host an asset only allowable on your domain? So all Cloudinary hosted files can be stolen and reference by other websites? 

    The label on the setting says "Specify the domains and subdomains from which images and videos can be fetched. Enter each domain on a separate line." 

    0
    Comment actions Permalink
  • Avatar
    Stephen Doyle

    We have several methods of restricting access to images to authorized users, and there's a lot of flexibility depending on your requirements. There's an outline of some methods available in this help center article: https://support.cloudinary.com/hc/en-us/articles/202519742-Can-I-allow-access-to-uploaded-images-only-to-authenticated-users-
    There's also a guide to some of the methods in our main documentation: https://cloudinary.com/documentation/upload_images#control_access_to_images

    Not all methods are available on all plans, and in particular, some methods such as whitelisting or blacklisting by referrer domain or based on cookie signatures require manual setup between our systems and those of our CDN partners.

    If you contact us directly via our support center and let us know a little about your requirements, we can also suggest some specific solutions

    0
    Comment actions Permalink

Please sign in to leave a comment.