0

Hi everyone, kindly help me for the issue, i am building a web application where members need to add/upload their avatars and other images, but instead of letting them upload images directly from their PC, i allowed them only to take URL ('Copy Image URL') from external websites by right clicking on an image, and paste that URL in url bar to save that image, then i save that URL from any external website in my own databse table to make their record and later display, i am fearing if this method can make problem for my own web server to make multiple external image requests to other websites and then display them, causing my server to respond slowly when there is thousands of images being grabed from external sources, will it make my web site server resource to work more? and make it slower??? whats the best way, should i make arrangement for actual image file uploads? please guide me, will be really thankful !

2
Contributors
3
Replies
27
Views
3 Years
Discussion Span
Last Post by cereal
2

If you simply paste the url into the html output, then it will be the client (i.e. the browser of the user) to execute the request to the remote server, your server in this case won't be involved.

But there are at least two problems with your approach:

  1. a user, can change the content of the original linked image to embed client side scripts, so as an attacker, he could collect the cookies of the other users of your website or replace some contents;

  2. remote servers will slow down because you're hotlinking their contents, you should ask permission to do so, otherwise use a CDN.

0

hhmm, nice cereal, thanks for your help, yes there are some problems involved in this approach, so what you think how to get rid of these problems using the same approach? if you have any idea! will be helpful for me n other.

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.