Domain whitelisting

As a reminder, a Cloudimage URL looks like:

//token.cloudimg.io/original_image_url?operations&filters

By default, images from any origin domains can be resized by Cloudimage and the storage and traffic consumption generated by the images will count toward your plan's allowance. In the Cloudimage admin console, you can restrict the list of origin URLs that your token can transform images from.

If you are using aliases and you have Domain whitelisting enabled, you have to include all aliases in the whitelisted domain list.

Step 1 - configures domain whitelist in the Cloudimage admin console

Log in to your Cloudimage admin console and navigate to Image settings / scroll down to Whitelisted domains: Configure your original image domains / S3 buckets.

$Photo alt \#responsive$

Please note that when you whitelist eg. sample.li, this will also whitelist all its subdomains sub1.sample.li, www.sample.li, etc.

Whitelist and static content

By default, when delivering static content, the domain whitelist is not respected. If you would like to restrict delivering static content to whitelisted domains only, you can enable the Honor whitelist when delivering static content option in the Admin console.

$Photo alt \#responsive$

Step 2 - Try it out!

This Cloudimage URL works:

//doc.cloudimg.io/http://sample.li/boat.jpg?width=500

This one does not:

//doc.cloudimg.io/pbs.twimg.com/profile_images/839721704163155970/LI_TRk1z_400x400.jpg?w=500

Token security

URL signature

Was this page helpful?