Object Storage Service (OSS) provides the source image protection feature to protect your images from being used by unauthorized anonymous requesters. After you enable source image protection for your bucket, anonymous requesters can access images in the bucket only by adding style parameters in the requests or using signed URLs.
Background information
- Use the file URL that contains the style parameters in the format of https://BucketName.Endpoint/ObjectName?x-oss-process=style/StyleName.
- Use the file URL that contains a signature in the format of https://BucketName.Endpoint/ObjectName?Signature.
Procedure
FAQ
- Q: Why is HTTP status code 403 returned when I directly access a protected image,
whereas HTTP status code 200 is returned when I access the image over Content Delivery
Network (CDN)?
A: One possible cause is that the request is redirected to access a private bucket over CDN. Source image protection is applicable only to objects that are accessed by anonymous users.
- Q: How can my source image still be accessed by using a signed URL when source image
protection is enabled for the image?
A: Source image protection is applicable only to objects that are accessed by anonymous users. Access by signed URLs is not anonymous. Therefore, the source image can be accessed by using a signed URL even if you enable source image protection.