Firebase Storage share download url a security risk?

I have an image saved in my Firebase Storage. I would like to display this image in multiple emails that I send. I have so far used the download URL as obtained from my Firebase console and the image displays successfully. My question is: Is this the correct way of sharing the image? Is it secure? If not, then how should I get a secure link to that image?
Here's where I got the download URL from, in the Firebase console:
Any help on this would be appreciated.

Using a download URL is the appropriate way to share files outside of an application, or to users who don't need to be logged in.
I'm curious what you mean by "is it secure"? If you're sharing the object with someone, they can forward the link to someone else who can download it, but they can also just download the object and share it as well.
If you want to control access based on a particular user, you'll need to have users log in and download the objects in an application, rather than using download URLs. Granted, again, here they can take the downloaded object and share it with anyone else.

Related

Typo3: FE Login with POST Request to external app server

I recently started getting into Typo3 but now I have to implement something for work and I have no clue where to start.
The requirements:
- I have to add a separate page that can only be accessed by frontend users. (so far no problem)
- These frontend users should be able to login with the same password as they got for their iOS app. (uh-oh)
- The separate page should display data from the app. (less of an uh-oh but connected to the previous point)
After talking to the developer of the app, he made a specific POST request that can be used for the webpage. I am also getting a json-file with the required data that I need to display upon successful login.
My question lies with the login. How do I go about implementing this? I use the extension felogin to provide the login form on the page.
The POST request is looking sort of like this:
https://domain.at/api/queryMediaItems. It needs user and password, declared as user and pwd. In the body there should be a json object with the language, e.g.:
{"language":"de-at"}
You need to implement a SSO (SingleSignOn) as your users need to identify against the iOS-app.
This might give you a concept.
You also can look inside the code of some extension

iOS Development Security advice

I want to create a new iOS app,
and for this app I have some security questions.
Example:
On first start the user logs in with username and password. When the login is correct, the user receives an API code. Just this code will be stored in the app.
So every time they make a request to the site, like calling for the user list, I don't send the username and password; I will send the API code for authentication.
Like this
https://example.com/api/{APICODE}/getUserList
The answer will be json
So my Questions are
- how to securely store the api code in the app
- is there a better way to make the requests
- I will store the requested data in the app, what is the best way, SQLite or plain files with json
The reason is that the app works without Internet
Thanks for help
Save secured data in the Keychain. For other data you may use UserDefaults, files, SQLite DBs, CoreData

send files to MUC Rooms using XMPP Framework

How to send files to MUC Rooms using XMPP Framework?
I have searched a lot about this.
Using the SI method I get error 503 service unavailable or Wrong JID, but how to pass a resource for groupchat?
I had used the method to transfer image using string data but now it's not up to my needs. I read that we can upload file to server and send the link instead. I'm using openfire server.
If anybody has some insight about this please share. Any help is appreciated. Thanks !
Yes you can upload your image to a server and send the link.
The flow goes like this:
You need to send a thumbnail image using xmpp (and the link of the original image stored on server), like you must be sending the entire image now in your application.
When the user clicks on the thumbnail image, you can download the original image from the server using that link.

Submitting Instagram to iOS app

I'm new to the site and new to developing so I'm looking for some general advice here.
I'm looking to build an app which works alongside Instagram. So this is what I want to be able to do to start with.
User opens app and can submit an already posted (and held on Instagram) photo to the app. The user at this point will need to be asked to log into their Instagram account. So for example they would select submit and it will open a window asking them to log into Instagram and then it will display all their available photos which they have posted.
User selects the post they wish to submit to the app.
Image displays on app in a gallery of submitted posts by all the other users for people to see.
That's the basic premise. It's actually a lot more involved than that but I am learning and trying to keep it simple at the moment.
What I would like to know is: is this possible, and are there any guides which exist on how to do this?
What sort of process will I be looking at here. I've tried looking for posts on Instagram integration etc but I can't find anything similar to this.
Thanks in advance any help or pointers on where to even start will be helpful.
Steps to integrate Instagram:
1) https://www.instagram.com/developer/
You would have to create an application on the Instagram developer portal, get a client ID for performing OAuth flow.
2) Ask your users to login to the Instagram app and get the auth_token from Instagram API.
3) Use the auth_token in all your requests basically.
4) Download code from here: https://www.sendspace.com/file/mnuqck
and replace your clientid in my code. You will get response in code.
These libraries should help you get started,
https://github.com/shyambhat/InstagramKit
https://github.com/crino/instagram-ios-sdk
You would have to create an application on the instagram developer portal, get a client ID for performing OAuth flow.
Ask your users to login to the instagram app and get the auth_token from instagram API.
Use the auth_token in all your requests basically.
The whole flow would have been implemented for you in the libraries I mentioned.
Say for example if you are using InstagramKit and after integrating/authorisation by the user getting images from the users feed would be as simple as below,
InstagramEngine *engine = [InstagramEngine sharedEngine];
[engine getSelfFeedWithSuccess:^(NSArray *media, InstagramPaginationInfo *paginationInfo) {
    // media is an array of InstagramMedia objects
    ...
} failure:^(NSError *error, NSInteger statusCode) {
    ...
}];
Steps to get InstagramKit up and running,
Download the InstagramKit from github.
Make sure you have cocoapods installed on your mac, refer https://cocoapods.org/ for help.
Open the InstagramKit-Example on terminal and run the following command,
pod install
Wait for the pod to finish its magic.
Now you should have InstagramKit-Example.xcworkspace created in the InstagramKit-Example, open it and run.
I just did it now,

Protect server URL in mobile app

I know this can sound absolutely stupid, but I could not find any way to solve this problem.
Say I've a mobile app: from this app, after purchasing an item, since the item is downloadable from a server, I make the user download a file to his device. Problem is it looks like it is very easy even for not so smart people, to get the URL of the file, so, without purchasing anything, the not-so-smart-guy can eventually download the same file for free (using a common browser).
Apart from the language I use (it is not important here, it can be JavaScript, Java, Objective-C, whatever), how can I prevent this issue WITHOUT developing an authentication system?
Generate a token for successful purchase, store it in the server side session or database. Add the token as a query string parameter for the file download request. Implement a filter for the file download request to validate the token.
To make sure that the URL is not shareable - find some unique attribute of the device that can't be spoofed easily, hash(url,token,unique property) and add it to the url.
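
A sketch of the server side of the scheme in the answer above, added here as an example and not part of the original answer. It assumes an in-memory dict in place of the session or database, a placeholder host `files.example.com`, hypothetical function names, and a device value sent by the app with each request; it uses an HMAC under a server-only key in place of the bare `hash(url,token,unique property)`, so a client that knows all three inputs still cannot compute the signature.

```python
import hashlib
import hmac
import secrets
import time
from urllib.parse import parse_qs, urlencode, urlsplit

SERVER_KEY = secrets.token_bytes(32)   # assumption: never leaves the server
TOKENS = {}                            # token -> (path, expiry); stands in for the DB

def _sign(path, token, device_id):
    # Length-prefix each field so ("ab", "c") and ("a", "bc") sign differently.
    msg = b"".join(len(p).to_bytes(4, "big") + p
                   for p in (path.encode(), token.encode(), device_id.encode()))
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).hexdigest()

def issue_download_url(path, device_id, ttl=3600, now=None):
    """Call after a successful purchase; returns the URL handed to the app."""
    now = time.time() if now is None else now
    token = secrets.token_urlsafe(32)
    TOKENS[token] = (path, now + ttl)
    query = urlencode({"token": token, "sig": _sign(path, token, device_id)})
    return f"https://files.example.com{path}?{query}"

def validate_download(url, device_id, now=None):
    """Download filter: True only for a known, unexpired token used on its
    own file and presented with the device value the URL was bound to."""
    now = time.time() if now is None else now
    parts = urlsplit(url)
    params = parse_qs(parts.query)
    token = params.get("token", [""])[0]
    sig = params.get("sig", [""])[0]
    record = TOKENS.get(token)
    if record is None:
        return False                   # never issued, or already revoked
    path, expiry = record
    if parts.path != path or now > expiry:
        return False                   # token moved to another file, or stale
    # Compare as bytes: compare_digest rejects non-ASCII str input.
    expected = _sign(path, token, device_id)
    return hmac.compare_digest(sig.encode(), expected.encode())
```

Deleting the entry from `TOKENS` revokes a link; the device binding is only as strong as the device value is hard to copy.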
