| 12345678910111213141516171819202122232425 |
- require "openssl"
- require "base64"
- key = ["1eb5b0e971ad7f45324c1bb15c947cb207c43152fa5c6c7f35c4f36e0c18e0f1"].pack("H*")
- url = "http://img.example.com/pretty/image.jpg"
- # The key is 32 bytes long, so we use AES-256-CBC
- cipher = OpenSSL::Cipher::AES.new(256, :CBC)
- cipher.encrypt
- # We use a random iv generation, but you'll probably want to use some
- # deterministic method
- iv = cipher.random_iv
- cipher.key = key
- cipher.iv = iv
- encrypted_url = Base64.urlsafe_encode64(iv + cipher.update(url) + cipher.final).tr("=", "")
- # We don't sign the URL in this example but it is highly recommended to sign
- # imgproxy URLs when imgproxy is being used in production.
- # Signing URLs is especially important when using encrypted source URLs to
- # prevent a padding oracle attack
- path = "/unsafe/rs:fit:300:300/enc/#{encrypted_url}.jpg"
|
