Object Storage Service (OSS) provides the source image protection feature to protect your images from being used by unauthorized anonymous requesters. After you enable source image protection for your bucket, anonymous requesters can access images in the bucket only by adding style parameters or signature information to the URLs.
Background information
- Use the object URL that contains the style parameters in the format of https://BucketName.Endpoint/ObjectName?x-oss-process=style/StyleName.
- Use the object URL that contains a signature in the format of https://BucketName.Endpoint/ObjectName?Signature.
Procedure
FAQ
- Q: Why is HTTP status code 403 returned when I directly access a protected image,
whereas HTTP status code 200 is returned when I access the image over Alibaba Cloud
CDN?
A: One possible cause is that the request is redirected to access a private bucket over CDN. Source image protection is applicable only to objects that are accessed by anonymous users.
- Q: Why can my source image still be accessed by using a signed URL when source image
protection is enabled for the image?
A: Source image protection is applicable only to objects that are accessed by anonymous users. Access by using signed URLs is not anonymous. Therefore, the source image can be accessed by using a signed URL even if you enable source image protection.