|
|
|
|
|
|
by j1436go
3448 days ago
|
|
|
Your decryption/encryption secret (key) is stored on the server side only and if a client requests a thumbnail, you can validate the URL value by successfully decrypting it with this secret and probably do a simple HTTP URL validation check of the decrypted value.
And you have to encrypt all thumbnail URLs with this secret before passing them to the client. |
|
|