For Workes & Pages, what is the name of the domain?
NA
What is the error number?
NA
What is the error message?
NA
What is the issue or error you’re encountering
Would expect private/presigned URL with expiration to stop working past expiration date, it does not.
What are the steps to reproduce the issue?
I create a presigned/private URL using the following example - Serve private images | Cloudflare Image Optimization docs - the presigned URL works great, I am able to access the photo and any modifications to the URL results in an access denied, as expected.
However, I was expecting that with an expiration set, that past that expiration the URL would die well. My biggest concern is I serve up photos within an app meant only for the specific user, if someone got that presigned URL and shared it, it would be open to the world forever with my biggest concern being it gets abused somehow (ends up on a high volume site, whatever).
Here is an example of the URL with important bits removed - this expired on 8/24 but the image is still available to view: https://imagedelivery.net//public?exp=1724515000300&sig=… is there any point to the expiration value? Is this a bug? do I just not get it (strong likelihood).
As a side note, I’d love a future enhancement where you hit an end point with an image ID and cloudflare gives you back a presigned URL to use… anyway, thoughts?