Sending embedded cloudinary images in email body
Hi everyone!
We just managed to add authentication to our assets via cookie, and now we are facing issues when our email bodies are rendered in email clients, such as Gmail.
I don't fully understand how email servers work and handle HTML body payload, but I guess they try to download the asset (probably for security reasons) or proxy the request to the original URL.
In any case, since we send cookies to auth the image, Gmail fails to render it since it cannot find the image due to the request not being made with auth cookies).
Is this a known issue? Do you guys have any tips to workaround this problem?
We've been thinking about giving temporarily free access to the images being sent, but before trying this approach I was wondering if maybe Cloudinary could have a whitelist of all email servers for assets? (kinda opens a security breach but would be easier to work around the problem)
Best Answer
-
Cookies are usually served with HTML requests over HTTP. Email is not HTML served over HTTP, it's HTML over IMAP or POP. Since there's no HTTP request for the HTML, there's nowhere for cookies to be sent.
You can try using Token-based Authentication instead.
0
Answers
-
Thanks for answering!
yeah, it seems that using token directly in URL is the best way indeed!
Thanks
0 -
Actually I Just tested it out today and it didn't work properly.
Gmail generates a proxied link to cloudinary image:
But it's still not rendering in gmail.com
If I get just the url link, the image downloads normally!
I found this stack overflow that says that google uses this proxy to cache images, and it does not allow query strings 😥
0
