More than happy to hear your suggestions, but the fundamental issue here is that the token is the URL, and its that passing through proxies, etc. that represents the disclosure of a potential security issue.
More than happy to hear your suggestions, but the fundamental issue here is that the token is the URL, and its that passing through proxies, etc. that represents the disclosure of a potential security issue.