Hi - I recently noticed that the URLs for attachments in my base are ‘sometimes’ exported with additional parameters that looks something like this:
I’d prefer just the basic URL, and am also concerned that exposing the UserID is a security flaw - since I’ve shared these asset links, usually images, on a public platform without inspecting the URL closely.
I am using the API (via pyairtable) to get these URLs. Sometimes the extra parameters are included, and sometimes they’re not. I haven’t been able to ascertain what is causing the different outcomes.
Has anyone experienced this, or had similar issues?
The user ID parameter is likely your user ID, but it’s not a security flaw. It is anonymized (doesn’t reveal your identity), and it does not represent an ID used to gain access to Airtable. It is there purely for tracking purposes.
The cs parameter is typically a session ID; also innocuous.
Then your app needs to parse away these parameters.
Any rendering of URLs with these parameters is ignored by the browser, but more importantly (as @ScottWorld makes clear), you need to eliminate CDN URL dependencies from your process in the next few months or face some surprises. Furthermore, any and all URLs shared in the wild will become invalid.
Depending on your business case and application architecture, you might need one of these.