For a non-profit client, I’m designing and building a website on the JAMstack. I’m intending to use Netlify’s Large Media on the project, mainly to make use of the image transformations. As this is a non-technical client and for the sake of being future proof, I’d prefer the users to upload images in their original quality and filesize (through Netlify CMS, of course). They are concerned however, about the original images being available to the public by altering the image url.
Is there a way to prevent access to the original images, but allow access to the transformed images? I know this is not a native feature of NLM, but maybe it could be done with redirects? If not, consider this a feature request
This is a really great question! I sent this over to a member of our team who has some deeper knowledge of large media files. Hopefully we can get some ideas generated for you here.
Since it’s in Beta, I haven’t tried it myself, but it might look something like this:
export function onRequest(event) {
if (event.request.url.pathname.endsWith('jpg')) {
event.replaceResponse(() => {
if (window.location.search) {
var response = new Response({
status: 200,
headers: {
location: event.request.url
}
});
} else {
var response = new Response({
'<h1>Access Denied</h1>',
status: 403,
headers: {
'content-type': 'text/html'
}
});
}
return response;
});
};
};
Something along these lines might work. If this works, it will work with any query parameter, so you might have to add additional checks to see if they’re only the parameters that you want to allow.
Hi, @tomrutgers. I don’t have a good solution for you using redirects. I’ve not found a way using redirects to block access to the untransformed image.
I can enter a feature request for this but there isn’t much activity on the Large Media project so I don’t have a promise of when or even if that feature might become available. Should I proceed with that feature request?
