[Enterprise] More robust URL signatures

In order to be easier to handle, Image-Charts now checks the signature for both encoded and decoded query params.

Until now, our HMAC signature check was only based on the encoded URL. However, the resulting URL was sometimes decoded and encoded by various intermediate transportation layer (e.g. webmail proxies, automation pipeline and so on).

Now Image-Charts will also check the signature against the decoded URL version in order to be URL-encoding algorithm-proof.

You do not need to worry about generating a string of the whole query with the right URL-safe characters anymore, if the basic query string check does not work, Image-Charts will also try to decode every query parameter pairs and then check the resulting query string against your signature (ichm).

Generating a signature based on unencoded URL parameters is the recommended way as it's much more robust and abstract away the encoding the transportation uses (e.g. webmail proxies, web-browsers, enterprise proxies).

Learn more with our updated code examples