Do not use default url when conversion does not exists

[francoism90]

I think this actually may also fix a security risk:

$url = $this->getFirstMediaUrl('clips', 'thumbnail'); // thumbnail does not exists (yet)

echo $url; // https://s3.example.com/media/media_original_filename.mp4

It shouldn't fallback to the default media asset (media_original_filename.mp4 ), as in my case this is not exposed to the public.

This results in a 403 (because I have set my s3 permissions correctly), but could result in exposing information and a invalid fallback even if public (it tried to render an image with a mp4 file).

I do understand you can use hasGeneratedConversion(..), but I think most will just return a null if not generated yet. For example:

// PostResource.php

public function toArray($request): array
{
    return [
        'id' => $this->getKey(),
        'name' => $this->name,
        'thumbnail' => $this->getFirstMediaUrl('clips', 'thumbnail'),
    ];
}

It's perfectly possible to do the null check in your frontend, or even implement the fallback in a component (e.g. broken image icon).