📢 Community Announcement: Image Handling Update (imagehoster / condenser)

ety001 (73)in #steem • 9 hours ago

We’ve recently rolled out a coordinated upgrade across condenser (frontend/rendering) and imagehoster (image service). The goal is to remove reverse-proxying of third‑party images, reduce abuse risk and unnecessary resource consumption, and keep a stable, optimized experience for first‑party images.

Summary of Changes

Third‑party external images are no longer proxied/resized by our image service
- If an image URL in a post points to a non‑Steemit domain (third‑party sites / external CDNs), the system will no longer fetch, cache, or transform it via imagehoster.
- These images are rendered using the original URL, and display size is controlled mainly via frontend styles.
First‑party images still support resizing/optimization
- For Steemit first‑party domains (treated as first‑party under *.steemitimages.com), condenser will generate imagehoster /p/:url transformation URLs with query parameters such as width / height.
- This keeps first‑party images optimized for bandwidth and rendering performance.
Legacy image proxy endpoint has been disabled
- The legacy image proxy entrypoint /:widthx:height/:url has been disabled at the route registration level (code remains in place).

Demo (What You’ll See in Practice)

1) Third‑party images (no longer proxied)

Original image URL (example):

https: //example.com/path/to/image.jpg

Now the page will keep using the original URL (it will no longer be rewritten into something like https://steemitimages.com/.../https://example.com/...).

Display size is controlled by frontend CSS/layout.
Load speed and availability depend on the third‑party host (we do not proxy/cache/transform it anymore).

2) First‑party images (still resized/optimized)

First‑party image URL stored on-chain (example):

https: //cdn.steemitimages.com/DQmXXXXXXX/your-image.jpg

Example transformation URLs generated during rendering (/p/:url + query params):

640px wide (preserve aspect ratio):

https://steemitimages.com/p/<base58(url)>?mode=fit&format=match&width=640

1280px wide (2x / high‑DPI):

https://steemitimages.com/p/<base58(url)>?mode=fit&format=match&width=1280

Notes:

width=640 / width=1280 are used to produce different sizes.
Values like height=0 are not emitted; for aspect‑ratio preserving transforms, height is omitted.

3) Legacy proxy URL format (disabled)

Previously, legacy URLs looked like (example):

https: //steemitimages.com/640x0/https: //cdn.steemitimages.com/DQmXXXXXXX/your-image.jpg

This legacy entrypoint is now disabled. Going forward, first‑party images should use /p/:url?... and third‑party images should remain direct links.

Why We Made This Change

Security & abuse prevention: Reverse‑proxying arbitrary third‑party URLs is high‑risk (SSRF, bypassing restrictions, bandwidth abuse) and difficult to maintain safely long‑term.
Cost & stability: Fetching/caching/transforming third‑party images creates unpredictable bandwidth and storage pressure and can inherit instability from external hosts.
Clear boundaries: imagehoster now focuses on first‑party image serving/optimization with clearer responsibilities.

Impact on Users / Creators

Third‑party images can still appear in posts, but:
- they no longer benefit from our resizing/format conversion/caching acceleration;
- we do not guarantee load success or speed (this depends on the third‑party host and hotlink policies).
Images uploaded to Steemit’s image hosting (e.g. cdn.steemitimages.com/...) are not impacted and should continue to load and render well.

FAQ (Short)

Q: My external images became slower or sometimes fail to load. Why?
A: If the image is hosted by a third party, we no longer proxy or accelerate it. Consider re-uploading the image to Steemit’s image hosting and using that URL instead.
Q: Why do I see image URLs using /p/... now?
A: Those are first‑party image transformation URLs used for resizing/optimization. They only apply to first‑party domains.

If you notice issues (e.g., images not rendering, older posts still showing legacy proxy shells, etc.), please share a post link and the relevant HTML snippet or screenshot so we can investigate.

#witness #steemit #dev