Wildcard in Secure Tokens


#1

When delivering thousands of secured files to the same client, having to send thousands of secure token gets cumbersome and slow. Being able to make one token with a wildcard in, than can be used for all these requests, would be very powerful.

CDNs I know have this:

  • Amazon Cloudfront
  • EdgeCast
  • Fastly allows something similar by using a custom VCL

MaxCDN has it on their roadmap.

While we’re at it, it would be wonderful if the secure tokens were also at least HMAC-SHA1 instead of the broken md5 :slightly_smiling:


#2

Thanks for outlining your situation. We will evaluate that feature. Check out our blog for new features.


#3

+1 for the wildcard. a variant of this would be to specify a folder name (static) or folder depth for the token, rather than the full path.

eg folder name might be /images/secure/. Any images in that folder can use the same token.

or if you have per user folders, eg

/user1/images/secure/
/user2/images/secure/

then being able to specify a folder depth of 3 (or a path of //images/secure, or ///) would be awesome


#4

We’d also be happy campers if this could be implemented.