BACKGROUND: Each user has their Facebook profile image URL associated with their account. This image is called using <%= image_tag(#user.facebook_image_url) %>. Each user's Facebook URL takes the following form: http://graph.facebook.com/123456/picture - with 123456 being the user's particular Facebook ID number.
OBJECTIVE: I'd like to prevent other users from being able to figure out who the user is simply by right-clicking 'copy image url' and looking at the ID in the image URL.
Is there a gem/plugin or better way to accomplish this other than downloading the user's image from Facebook's servers?
AFAIK, there are only two options: Either you download the image as you say and deliver it to the browser with your own url, or you let the browser do the work in which case the browser (and it's user) has to know the url.
Have a look at Get Facebook real profile image URL. It seems, facebook performs some kind of redirecting. Perhaps you can use that for your purpose.
Related
I am building an IOS app that will post weblinks to facebook and other social media using social media framework (not facebook-graph-api) and it works as I desire. eg:
http://example.com/page1.html?code=123456
I do however want that when my friends on facebook open that external link and it opens in an external browser - their facebook user name gets passed on to the browser so I can allow them to add comments to the weblink.
To clarify - the comments to be added will be on my website for the page they just opened (and not the comments in facebook)
Is it possible to do this ?
You can only do something with URL while posting it. Well if we posting URL on wall of known user then we can achieve your problem with following approach.
I think you can append name of friend as a get parameter in URL. So whenever your friend opens this link, its corresponding name is also passed along with URL. As far as security is concerned you can consider to append some security code to URL as well. Which will be validated against Name of friend.
For example.
http://facebook.com/?Name=Friend_Name&SecurityCode=Some_Unique_Code_Based_On_Friends_Name
I have twitter ommiauth as my user model and I pull in when they register a link of their profile picture via the hash auth.info.image. Iv noticed some are now breaking where the user has updated their profile picture on Twitter.
I noticed there is a part of the hash that gets the image over https (profile_image_url_https) in the raw_info section. Details here https://github.com/arunagw/omniauth-twitter. is this the best practice to link to so it doesnt happen again?
My issue is that I may have a user that logs in once and leaves a comment but then their profile changes and it breaks on the site.
Is there another way I should be implementing this?
Any information would be much appreciated.
If you are saving the twitter image url when a user creates an account or logs in via oAuth and not checking whether it has changed when attempting to display it this would be expected. The only thing I can think of to fix disappearing links would be to test the data with an http or url call and replace it with a placeholder image or ping the API to retrieve the updated image.
From the Twitter API I obtain user's ID (of course beside profile link, username etc). How can I display the link to user's profile according his ID?
For example, Facebook API provide user's ID as well, and if I put to the browser www.facebook.com/users_id, I'll get his profile...
Is there any way to do with Twitter? www.twitter.com/users_id returns empty page...
EDIT: obviously I can save user's URL (or his username), but the respective user can whenever change it...
what do you call a twitter "profile" ? I guess you talk about the user timeline
according to the api doc, your url should probably look like this :
https://api.twitter.com/1/statuses/user_timeline.html?&user_id=(your_id_here)
however, i would advise to use one of the twitter api gems to ease your pain...
The Twitter API documentation for GET users/profile_image/:screen_name states that:
This method should only be used by application developers to lookup or check the profile image URL for a user. This method must not be used as the image source URL presented to users of your application.
This API call returns a 302 redirecting to the profile image url. What is the best practice to make those images available for ones application? The easiest way it seems, would be to use the resulting url string and embbed it in the apps html code (e.g. in the src of an img tag). The alternative would be to store the image locally as a file or in a blob field.
Is linking the image covered by the "must not" or does that mean that you shall not call the API, but you do can use the resulting url?
In the past, I've simply stored the URL in the database and then reused the url when I needed to present the image.
Pulling down and storing the images is more complex and adds a dependency for access to the stored images on your application.
I'd also recommend that you re-fetch the image url periodically as users change their profile pics sometimes.
The twitter api states:
Once an end user has authenticated via Connect with Twitter, you must clearly display the end user's Twitter identity. Twitter identity includes visible display of the end user's avatar, Twitter user name, and the Twitter "bird" mark. Displays of the end user's followers on your Service must clearly show that the relationship is associated with the Twitter service.
Through RoR gem OmniAuth is possible to get an informations about the users, who log-in to the application through their Twitter or Facebook account. Both of these social sites in their API offers among other also the avatar, what's great.
The worse thing is, that the size of image is 50x50px (I know, avatar).
Exist any way, how to get the original image, from that was created avatar? (The reason why I want it is, that I would like to display a photo of user in the bigger size)
Two options:
GET /${USER_ID}/picture?type=large; the response is a 302 redirect so you can obtain the url from the response header. See the docs for the User object for other values for type. (Contrary to the docs it looks like an access token is required.) This doesn't get you a particularly large image.
GET /${USER_ID}/albums and find the album with type=profile. GET the photos in this album with /${ALBUM_ID}/photos: I think the first photo is the current avatar (it is for me), and more sizes are available than with the first method.
You may try to get from gravatar[1] with email.
http://en.gravatar.com/site/implement