[ic] Force external image links to inherit page security
Paul Jordan
paul at gishnetwork.com
Wed Dec 5 23:44:46 UTC 2012
> > I am working on a system where I need to host images - mostly product
> > images, in the cloud.
> >
> > Is there a (built in) mechanism to write plain ole http:// src's to
> > the page, but have the page sense if it is being requested via https,
> > and exchange any 'http' with 'https'? Or, is there perhaps a method
> > to declare a variable twice, once for http requests and once for https
> > requests? If so, then I could do:
> >
> > S3_IMAGES http://..... https://..... Cloud product images
> >
> > I realize I can use ImageDir and ImageDirSecure, but these are only
> > singular solutions. I need to leverage a couple of these (as if I
> > we're using multiple clouds). Obviously I can do a bunch of
> > If-Secure-Else in all my pages, but I was hoping for something more
> elegant.
> >
> > Or if nothing else, has anyone needed to use multiple external asset
> > hosts and deliver the same page(s) via http and https? What did you
come
> up with?
> >
> > Worst case scenario, I can poor man it:
> >
> > [if type="explicit" compare="[is-secure]"]
> > [tmpn ssl]s[tmpn]
> > [else]
> > [tmpn ssl][tmpn]
> > [/else]
> > [/if]
> >
> > <img src="http[scratch ssl]://foo.bar.jpg" />
> >
> > But... that seems like the old me :-)
> >
>
> I'm working on a very similar thing right now. Using Rackspace Cloudfiles
> CDN, the URL is completely different for SSL compared to just http (also,
a
> different URL for each "bucket" -- thumbnails vs.
> full images). So, I was thinking of doing an autoload routine to set some
> scratch vars depending on the result of the is_secure tag. Then, I will
use
> those URLs for the images.
Dan's and Jon's suggestions will work great for me. You can still use IC
variables to declare further "buckets" - you just need to inform the base
URL to look at your CDN collection.
CLOUD_DIR //cloud.cdn.com/mainbucket
Then in your page:
<img src="__CLOUD_DIR__/thumbs/foo.jpg" />
At least on S3, these pseudo "directories", for all intents and purposes,
can be used just like "folders".
But, if your http and https images are located on different base domains,
then yeah, it wouldn't help you. You could use ImgDir and ImdDirSecure if
all images are handled the same way.
On another note, I was recently digesting this:
http://aws.typepad.com/aws/2012/03/amazon-s3-performance-tips-tricks-seattle
-hiring-event.html
It was regarding how to better control S3 auto-hashing of buckets/keys
because I was wondering if I should limit the number of objects in a bucket
or provide manual hashing.
Paul
More information about the interchange-users
mailing list