Inline image security with forwarded emails
Summary
How to secure inline imagesContent
We've had this come up as a potential issue with one of our customers. They're often sent sensitive data as inline images in an email, which service cloud makes accessible via the *site*/ci/inlineImage/get url when it's forwarded out via a rule. Their issue is that this folder is entirely unsecured, if you know (or can work out) the URL, you can access these images without the need for any kind of authorisation, and as far as we an tell, nothing is ever cleared from it and the address is static.
Tagged:
0