
In our application, there is a kind of a "share" feature that sends an email to a user-provided address. This email contains a link with a secret access token (as part of the URL) that is valid for a few days. The page that link points to contains confidential information.

Now there is a feature request to use Gravatar in the whole application to show a nice picture of the user, if the user happens to have a Gravatar account. Now I fear that including Gravatar on the confidential page mentioned above will compromise that link.

Is Gravatar (or rather Automattic) able to see the referrer where a request to the user picture is coming from? If yes, is there a way to use Gravatar in a way that private URLs as mentioned above aren't exposed?

theDmi

1 Answer


You could proxy the requests to Gravatar through your app, so that all requests come from the same place (or at least not from your private URLs themselves).

Something like this:

<img src="https://yourapp.example.com/users/1/avatar">

With an endpoint in your app that fetches the Gravatar image, and re-displays it at the new url above.

In Rails, I might do something like this as a first pass:

require 'digest/md5'
require 'open-uri'

class UsersController < ApplicationController
  def avatar
    # Gravatar expects the MD5 of the trimmed, lower-cased email address
    gravatar_id = Digest::MD5.hexdigest(current_user.email.strip.downcase)
    # Fetched server-side, so the browser never sends the private page URL as a referrer to Gravatar
    image = URI.open("https://www.gravatar.com/avatar/#{gravatar_id}.png", &:read)
    send_data image, type: 'image/png', disposition: 'inline'
  end
end

I may also consider base64-encoding it and/or caching it in the DB temporarily, or using it for a "starter" avatar, and still allow users to upload custom ones.

Unixmonkey