prohibiting access to original size pictures
This is an open discussion with 2 replies, filed under General.
Search
Just tried this out quickly and the following seems to work: create a .htaccess file inside each image upload directory you want to protect consisting of:
Order Allow,Deny Deny from all
That wouldn't stop JIT calls to larger sizes, of course, but maybe it's a start.
but people can reverse engineer, and get any size of image they want, also very big sizes
The latest version of JIT (integration) has new "named recipes" functionality so you can create resize URLs that contain a name such as /images/gallery-thumbnail/:path
which masks the actual sizing information. It hasn't really been tested yet, but is something we're working on.
My plan is to write an extension that pre-saves images at the various recipe dimensions so you can bypass JIT on the frontend entirely, but I haven't started work on it yet! It'll be around Symphony 2.3 time.
Create an account or sign in to comment.
Using JIT is great, but people can reverse engineer, and get any size of image they want, also very big sizes, or the path to the original size. Is there a way to prohibit these for non members (members extension)? Mod rewrite, or having JIT save a duplicate smaller image in a separate location? (without un-dynamizing the entire site by serving at static version obtained from a wget)