Reputation: 1860
showing Facebook profile pic without revealing userId
I am building a Facebook app that has the ability for others to submit stories, and if they publish this story to "Everyone", then anyone, even people who aren't their friends, can see the story. I want to add the user's profile pic to the story. I know that you can access this via:
https://graph.facebook.com/<userId>/picture
However, I do not want to expose the user's userId this way. Someone could just view the source, see their userId in the src URL and then the person's privacy has just been compromised.
I want to hide the userId so that this type of privacy leakage is NOT possible.
Is there a way to do this, or is my only option to save a non-profile image for the user?
Upvotes: 1
Views: 436
Answers (1)
Reputation: 3858
They will always be a way to identify a user from their profile pic, assuming they have one set and aren't just using the standard silhouette. The UID is part of the string that makes up our CDN urls for profile pics, so there's nothing that's 100% foolproof.
Your best course of action would likely be query the Facebook API and store the CDN URL directly from there before rendering - eg for me, querying
https://graph.facebook.com/260300016?fields=picture will return the URL for my current profile picture - https://fbcdn-profile-a.akamaihd.net/hprofile-ak-snc4/203337_260300016_1473273891_q.jpg
Upvotes: 4
Related Questions
- Get user profile picture by Id
- How can I display the users profile pic using the facebook graph api?
- Facebook graph API: ID of user profile picture
- Is it possible to display Facebook user photos if someone isn't logged into Facebook?
- Get the user's profile image in facebook graph v2.2
- get facebook user's profile picture without access token
- Graph API doesnt return Profile's picture
- Generate Facebook user picture using third_party_id
- Display name & picture knowing ID
- Facebook Graph fetch user Photo