Signing API / Cloudinary signing #1101
Conversation
AlexanderGeere
requested review from
cityremade,
dbauszus-glx,
KieronFerrey,
RobAndrewHurst and
simon-leech
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
|
There was a problem hiding this comment.
It's mostly there.
I removed the warning in the cloudinary entry module.
The warning will be added to the _entries module once the cloudinary module can be removed after testing a cloudinary plugin to replace the existing module.
For now the current method should work and the plugin should override the current methods when loaded.
I get a warning in regards to third party cookies. These come from the image src request after an image has been uploaded with a signed URL.
These cookies should be removed if no longer needed.
|
@dbauszus-glx in to replicating the warning I see that res.cloudinary.com should not set a cookie (see cloudinary/cloudinary_npm#308 (comment)), which is the url for the the image request. Being logged in to cloudinary in a separate tab is what causes the warning. |
dbauszus-glx
added
the
Feature
What
Creates a new API for signing requests to third party services e.g cloudinary, s3, etc.
The signing API Initially will only support cloudinary.
Why
Signing requests and then letting the client make the call to the service will take some load off the backend as well
further decoupling some of these services from the backend.
How to test
Use this pull request along with the sign workspace on the bugs_testing branch.