#security question


red dawn

Hello, I've got a small question: is this code secure? Is there something that should not be displayed on the client? I am talking about the image tag:

My code:

<script lang="ts">
    let { data } = $props();
</script>

{#each data.databaseData.documents as pet}
    <div class="pet">
        <p>title: {pet.title}</p>
        <p>description: {pet.description}</p>
        <p>by: {pet.by}</p>
        <img
            src="https://cloud.appwrite.io/v1/storage/buckets/67eab74a000065af9767/files/{pet.image}/view?project=67eaa8b10009d8a195f3&mode=admin"
            alt={pet.image}
        />
    </div>
{/each}

I feel like the project=67eaa8b10009d8a195f3 and buckets/67eab74a000065af9767 shouldn't be displayed, or I'm just wrong. Also, what is this mode=admin?

gusty haven
# red dawn i feel like the project=67eaa8b10009d8a195f3 and buckets/67eab74a000065af9767 sh...

Having this is of no use to others.
If you set the permission so that the user who uploaded will see this image, then others won't see it, or you can set it so that if the viewer is your app user (verified) then they can see it.
If the image is public then it is readable, as you have set the permission to public.
But still, if you want to hide the project ID from plain sight, you could use the getFilePreview method 🤷‍♂️

red dawn

So as I understood, there is nothing wrong with this, but if I want to go a step ahead with security I can use getFilePreview.

red dawn

Thanks!

gusty haven