I sort of explained my thought process above but I suspect they've done it this ... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		ruskyhacker on Dec 14, 2022 \| parent \| context \| favorite \| on: Twitter DM Videos Are Accessible to Unauthenticate... I sort of explained my thought process above but I suspect they've done it this way for "cdn things" It's not great, there's certainly a way to secure it, but like many other solutions - stuff it in a storage bucket with a "random" url is "good enough" in the eyes of the platform.

infotogivenm on Dec 14, 2022 [–]

No disagreement here, that must be why they do it. But most CDNs e.g. S3 handle expiry in their signed URL implementations.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact