Comment 8 for bug 1287949

However, I see that only as a temporary hack. I would expect the proper fix to be 2-fold:

* determine signedImageDataOnly based on config criteria (default to true unless custom image-metadata-url is provided
* add a config option to explicitly override the calculated signedImageDataOnly value