Is there a reason why there is a whitelist of specific hosts? I'm pretty sure there is a way to allow all https image hosts, if that was the goal you were going for.
|
This was significantly easier than implementing a reverse image proxy which can have security and resource (hard drive space, bandwidth, CPU time) issues.
I've wanted to white-list image hosts for a while but just got around to doing it, being able to force HTTPS was also a nice perk to go with it.