Sending embedded cloudinary images in email body

sauloxd Member Posts: 3
edited June 2023 in Developer APIs

Hi everyone!

We just managed to add authentication to our assets via cookie, and now we are facing issues when our email bodies are rendered in email clients, such as Gmail.

I don't fully understand how email servers work and handle HTML body payload, but I guess they try to download the asset (probably for security reasons) or proxy the request to the original URL.

In any case, since we send cookies to auth the image, Gmail fails to render it since it cannot find the image due to the request not being made with auth cookies).

Is this a known issue? Do you guys have any tips to workaround this problem?

We've been thinking about giving temporarily free access to the images being sent, but before trying this approach I was wondering if maybe Cloudinary could have a whitelist of all email servers for assets? (kinda opens a security breach but would be easier to work around the problem)


Best Answer

  • Akshay_joshi
    Akshay_joshi Administrator, Cloudinary Staff Posts: 6
    Answer ✓

    Cookies are usually served with HTML requests over HTTP. Email is not HTML served over HTTP, it's HTML over IMAP or POP. Since there's no HTTP request for the HTML, there's nowhere for cookies to be sent.

    You can try using Token-based Authentication instead.