remove e_blur value from cloudinary URL
Hi there,
we are using the blur function from Cloudinary. This results in a link such as:
https://res.cloudinary.com/demo/image/upload/e_blur:800/front_face.jpg
The problem is that any of our users would be able to adjust the e_blur:800 to e_blur:0 to see the clear version of the picture.
Is there a way of hiding this parameter while still blurring the picture?
Christian
-
Hi Christian,
There are 3 ways you can make sure your clients won't be able to request the image without the exact blur effect level that you've specified, so accessing the image without the blur effect won't be possible and so does modifying the intensity level to anything other than 800.
- Option 1: Upload your assets with `private` type and enable strict transformations. Once strict transformations are enabled, whitelist only the exact transformations that you wish to allow clients to request. In this case `e_blur:800`. The `private` type will also ensure that access to the original asset is forbidden unless the URL is signed with the equivalent signature component, which isn't possible to generate without access to the cloud's API Secret. You can read more about it here.
- Option 2: Upload your assets with type `authenticated`. When assets are set as authenticated, access to either the original or any transformation is restricted, unless the URL consists of a signature (similar to accessing the original asset only when the type is set to `private`). The signature is unique for each URL, meaning that once you change a single character in the URL, the required signature also changes, and therefore, clients that will try to manually change the e_blur intensity will get back a 404/401 error.
Here's how you can easily generate signed URLs for `authenticated` assets: https://cloudinary.com/documentation/control_access_to_media#signed_delivery_urls.
You will only sign the `e_blur:800` URL and thus this will be the only transformation URL with a signature that will be publicly exposed to the clients.
- Option 3: Apply the blur effect as an incoming transformation. This means that the blur will be applied to the original image stored on your cloud. Further requests to the blurred image will be done with the original image URL, without any additional transformation components added to it, so no one will be able to remove the blur from the URL.
However, this also means that you won't have access to the original image anymore, since the blur effect was applied directly to it on upload. This isn't a derived image like in the previous two options. So if you still require having the ability to access the original image via Cloudinary, you should stick with Options 1 & 2.
I hope this answers your question and clarifies the subject.
Best,
Raz0 - Option 1: Upload your assets with `private` type and enable strict transformations. Once strict transformations are enabled, whitelist only the exact transformations that you wish to allow clients to request. In this case `e_blur:800`. The `private` type will also ensure that access to the original asset is forbidden unless the URL is signed with the equivalent signature component, which isn't possible to generate without access to the cloud's API Secret. You can read more about it here.
-
Thank you for the suggestion.
If I understand this correctly, it can be applied on new upload but what about existed images in Cloudinary? I have more than 300k existed images
Is there a way to process all existed images and provide 2 URLs ?
- 1 original
- 1 with a fixed blur effect that cannot be modified
Best,
Trung
0 -
Hi Trung,
Our Upload API's explicit method would achieve exactly what you're looking for: https://cloudinary.com/documentation/image_upload_api_reference#explicit_methodFor example, if you were using our Node SDK:
cloudinary.uploader.explicit('public_id', {
type: 'upload',
eager: [{effect: 'blur:800'}],
}, function(err, res) {
console.log(res, err);
});Your original uploaded asset would remain, and using the explicit method would eagerly derive the blurred version.
Hope this helps!Regards,
Victor0 -
Thank you but that answer does not satisfy my requirement "fixed blur effect that cannot be modified by end user" and I don't want to
I also looked in Cloudinary API, it seems that there is solution for my needs.
Best,
Trung
0 -
Hey Trung,
Please see option 1 in my previous reply. This is the approach that will allow you to achieve the exact goal that you're seeking.
If you already have existing assets, you can loop through them and use the rename method to change their type from public to private so access to the original image will only be possible using a signed URL, which you can then extract either from the media library or via an API call to list existing assets. The URL will now be modified to include the signature. You can also generate it manually on-the-fly when using one of our SDK libraries.
As long as only e_blur:800 will be whitelisted for strict transformations, only this specific transformation will be accessible without a signed URL, so clients won't be able to change the blur intensity level. You won't need to provide a signed URL for e_blur:800 so the example URL you've initially shared will suffice and work, as long as the intensity level isn't modified.
Another solution, in case you are on the Advanced plan or higher, would be using token-based authentication, where you use your server to generate dynamic tokens, which can be only valid for a specific asset and transformation and can also be time-limited, if needed, so all request to any transformations or original asset without a valid token won't come through and will fail.
If you need further assistance with this or specific help with the implementation of any of these methods into your project's code, please open a direct support ticket @ https://support.cloudinary.com/hc/en-us/requests/new or by sending an email to support@cloudinary.com.
Best,
Raz0
Post is closed for comments.
Comments
5 comments