Cleanup EXIF data from uploaded image originals

As far as I see, Ghost saves the uploaded images as-is to a public folder by just adding _o suffix to the file name. This can lead a privacy concern since Exif data can include device, time and location data. I think either original images should be prevented to fetch easily (by putting to non-public directory, maybe) or EXIF data should be cleaned before writing it to disk (or both).

I don’t know the route in Ghost, but I am a photographer of trade. If one doesn’t want to share certain parts of the EXIF data one can [should] remove these before uploading. That will put you ahead ot the game for any kind of future uploads.

This is an issue in other publishing platforms as well. I always upload the image after pre-processing it through something like Image Optim, or Xnconvert, which can be set to strip out some or all of the EXIF data. There may be issues with removal of copyright data - check first. Alternatively, Exiftool can be used to add/remove EXIF data as needed.

I think we should not consider all Ghost bloggers as “professionals”. Some people uses Ghost as a personal blog and uploading images directly from their phone. We should not delegate the responsibility of cleaning EXIF data to end user. EXIF data is already automatically removed from all of the resized images by Ghost. So it’s not a technical challenge. Also, there can be a config option about this (Remove personally identifiably data from uploaded images).

Maybe the main problem is, originally uploaded images are easy to reach publicly. But moving the location of original images can lead breaking changes, I guess. Because you are able to disable image optimization completely(enabled by default), and in this case you have only original image, no other versions.