himochi

Mochi

@himochi

of the Silver Fuller

  • he/him

this night you need not walk alone


Just a guy!

Sleepy vibes and chronic fatigue zone so activity will be on and off probably.

Hobbies include art, tabletop games, hyperfixating, and more.

log inask
If you wanna send me little a money:
ko-fi.com/himochi
himochi
@himochi
Hexephre
@Hexephre
twilight-sparkle
@twilight-sparkle
This page's posts are visible only to users who are logged in.
log in
Hexephre
@Hexephre

transcription: (i copied this text via ocr so there may be typos idk it's early im tired)

Discord Developers #discord-api-announcements Today at 10:49 AM

New Authenticated Attachment URL Parameters

To improve security of Discord's CDN, attachment CDN URLs have 3 new URL parameters: ex, is, and hn. Once authentication enforcement begins later this year, links with a given signature ( hn ) will remain valid until the expiration timestamp ( ex ).

Attachment CDN URLs have already started following the new pattern, so your app will begin to encounter the new parameters in attachment CDN links, but authentication is not being enforced until later this year. More details about when authentication will start to be enforced will be shared in the upcoming weeks.

Details about authentication parameters

  • ex: timestamp indicating when the attachment URL will expire, after which point you'd need to retrieve another URL (by doing something like retrieving a message via HTTP). More details o come about the length of time this will be by default.
  • is: timestamp indicating when the URL was issued
  • hn: unique signature that remains valid until ex.

Handling authentication parameters

When links expire

To access the attachment CDN link after the link expires, your app will need to fetch a new CDN URL. The APT will automatically return valid, non-expired URLS when you access resources that contain an attachment CDN URL, like when retrieving a message.

The client behavior is not changing and will refresh posted URLS to be automatically valid, so your app doesn't need to worry about refreshing URLS itself if the link was valid at the time of posting.

In messages your app sends

The behavior in the client will remain the same. Links posted in the client will be automatically updated if the link was valid at the time of posting, so you don't need to update your message's content when it includes an attachment CDN link (in cases like apps reposting images using CDN links).

If your app needs access to the content

If your app requires access the content from an attachment CDN link, you should fetch the contents from the valid CDN link and upload them to a secure, independent host that your app maintains access to.

You must log in to comment.

in reply to @twilight-sparkle's post:

craw
@craw

something confuses me a lot about this. they mention that cdn urls posted [within discord] before they expire, will be updated by the client when tried to be accessed after expiration

does this mean the actual message content... changes? when it includes an expired url to a cdn link that was valid on posting?

login to reply
pendell
@pendell

I would imagine the link in the message would remain the same but the client would simply strip away the expired parameters and serve up fresh ones for you to view the media through.

So like the link in that old message wouldn't change but if you open in browser that link you're actually viewing the media on would be different, as your client served a new id and stuff.

login to reply
Pinned Tags