Image broken in Rails 4, Refinerycms Edge #2681
Comments
|
@anitagraham Any thoughts? |
|
looking now... |
|
Hmm... I can turn my server on/off and get images returned correctly on the frontend (with ?sha in the url) Do you change the dragonfly config related to the SHA? Making verify_urls true # enabled by default, use false to disable it - adds a SHA parameter on the end of urls
secret 'This is my secret yeh!!' # used to generate the protective SHAI'll keep looking |
|
I have the same issue: it worls until the server is restarted (locally or on Heroku). |
|
Hmm.. this is an issue. So we can't insert references (URLs) to images and use the DOS protection because next time you restart the server the SHA will change? cc @markevans |
|
I just built a completely new refinery app using gem 'refinerycms', github: 'refinery/refinerycms', branch: 'master'
gem 'refinerycms-i18n', github: 'refinery/refinerycms-i18n', branch: 'master'
gem 'refinerycms-acts-as-indexed', ['~> 2.0', '>= 2.0.0']
gem 'refinerycms-wymeditor', ['~> 1.0', '>= 1.0.0']
gem 'seo_meta', github: 'parndt/seo_meta', branch: 'master'
gem 'refinerycms-page-images', path: '/Applications/MAMP/www/refinerycms-page-images'(I have forgotten how to do images without page-images, and I needed my local strong-parameters version of page-images). But I can retrieve the same image in different server sessions with different SHA. and both got the image formerly known as Pinnacles.JPG. However, this is really on my local system, with a server restart but not a system restart. Would a more complex system where the system and image servers change still work? |
|
After a server restart does the old SHA still work? |
|
This is from my Gemfile: gem 'refinerycms', github: 'refinery/refinerycms', branch: 'master'
gem 'refinerycms-i18n', github: 'refinery/refinerycms-i18n', branch: 'master'
gem 'refinerycms-wymeditor', github: 'parndt/refinerycms-wymeditor', branch: 'take-2'I don't use page-images, i don't need that engine for the current project. The idea is as following: you upload an image, you have an URL for it, you post it in a page and save the URL You restart the server, another URL is generated for that image (with another SHA), but the page still contains the old URL, with the old SHA code. The issue is not that you can't access images from the panel of images (as Oshovah said: "In the Backend Image library, the url of the Original images are always working"). What doesn't work is the fact that changing the SHA code after a server restart, any URL (that point to that image) saved in pages will not work anymore. |
|
@parndt : No, after a server restart the old sha doesn't work. |
|
@codenighter as an aside, the # Add support for refinerycms-wymeditor
gem 'refinerycms-wymeditor', ['~> 1.0', '>= 1.0.0'] |
|
I think the solution might be to set the DoS protection to |
|
@parndt the sha parameter does NOT change when you restart the server. However it did change with 1.0.7 compared to 1.0.6 to make it more secure. In hindsight I should have made the change in 1.1, because it changes the url, but at the time thought it was better to have people update to it automatically if they use "~>1.0.6" in their Gemfile. I don't know the details of the problem here but it's not related to restarting the server I think. I would definitely not recommend turning it off as it will be less secure |
|
Deleted last comment, because it's not the situation we are considering. /Users/anita/.rvm/gems/ruby-2.1.0/gems/dragonfly-1.0.7 (Insert image, go to website, right-click, copy image location)
restart server, reload page. The image isn't loaded and the SHA is the same.
|
|
This is the image path in image preview If we remove ?22725 from path image displaying correctly, is there any way to remove it ? |
|
Added extension using following command But When I upload image, preview brocken
My gemfile is : https://gist.github.com/eshaiju/72cb342efacd8038f0de source 'https://rubygems.org'
# Bundle edge Rails instead: gem 'rails', github: 'rails/rails'
gem 'rails', '4.1.5'
# Use sqlite3 as the database for Active Record
group :development, :test do
gem 'sqlite3'
end
# Use SCSS for stylesheets
gem 'sass-rails', '~> 4.0.3'
# Use Uglifier as compressor for JavaScript assets
gem 'uglifier', '>= 1.3.0'
# Use CoffeeScript for .js.coffee assets and views
gem 'coffee-rails', '~> 4.0.0'
# See https://github.com/sstephenson/execjs#readme for more supported runtimes
# gem 'therubyracer', platforms: :ruby
# Use jquery as the JavaScript library
gem 'jquery-rails'
# Turbolinks makes following links in your web application faster. Read more: https://github.com/rails/turbolinks
gem 'turbolinks'
# Build JSON APIs with ease. Read more: https://github.com/rails/jbuilder
gem 'jbuilder', '~> 2.0'
# bundle exec rake doc:rails generates the API under doc/api.
gem 'sdoc', '~> 0.4.0', group: :doc
# Spring speeds up development by keeping your application running in the background. Read more: https://github.com/rails/spring
gem 'spring', group: :development
# Use ActiveModel has_secure_password
# gem 'bcrypt', '~> 3.1.7'
# Use unicorn as the app server
# gem 'unicorn'
# Use Capistrano for deployment
# gem 'capistrano-rails', group: :development
# Use debugger
# gem 'debugger', group: [:development, :test]
gem 'refinerycms', github: 'refinery/refinerycms', branch: 'master'
gem 'refinerycms-i18n', github: 'refinery/refinerycms-i18n', branch: 'master'
gem 'quiet_assets'
# Add support for refinerycms-acts-as-indexed
gem 'refinerycms-acts-as-indexed', ['~> 2.0', '>= 2.0.0']
# Add support for refinerycms-wymeditor
gem 'refinerycms-wymeditor', ['~> 1.0', '>= 1.0.0']
gem 'seo_meta', github: 'parndt/seo_meta', branch: 'master'
gem 'paper_trail', github: 'airblade/paper_trail', branch: 'master'
gem 'refinerycms-courses', path: 'vendor/extensions'
gem 'refinerycms-image_slides', path: 'vendor/extensions'
gem 'refinerycms-page-images', :git => 'https://github.com/refinery/refinerycms-page-images.git'
gem 'refinerycms-services', path: 'vendor/extensions' |
|
Do you have any idea where the |
|
Same problem here (dragonfly 1.0.7). As an aside the cdn we set up for it caches all images again on each server restart (ballooning it's size). Noted the problem as the images sneaked in slowly after a heroku restart, just as if no cdn was used at all and all images needed to be recreated. |
|
Just looked a bit deeper into this problem. The sha comes from Dragonfly's Possibly this used to stay the same if it wasn't set, but testing showed that this secret (if unset in configuration) changed on each restart (which is possibly a bug, maybe it could be generated on install or just stay the same or maybe you should just receive a warning (and a mention in the readme)). At least, that did it for me. |
|
Ah good research! That makes sense about the SHA changing as it's random if unset. |
|
Same problem here. I tried to set fixed dragonfly_secret but it didn't help. I'm in development phase so I don't mind turning off verify_urls for dragonfly, but is it possible to do that via refinery config files? |
|
How to turn off verify_urls for bundled dragonfly in refinery then? I tried to set config values in Refinery-Settings as well as in an Dragonfly-Initializer with Dragonfly.app.configure. Neither works. The broken SHA is still appended to newly inserted images and so they don´t render. |
|
Any progress on this issue? |
|
I fixed the problem with adding the dragonfly 1.0.6 version directly to my Gemfile: I know it is not a very good way to fix this problem, but it is a good temporary solution for me. |
|
It still works for me once I set the # config/initializers/refinery/images.rb
config.dragonfly_secret = "Here is a secret"
<img data-rel="225x255" alt="Pa071612" title="Pa071612" src="/system/images/W1siZiIsIjIwMTQvMDkvMTgveXh2MzhwNmRoX1BBMDcxNjEyLkpQRyJdLFsicCIsInRodW1iIiwiMjI1eDI1NVx1MDAzZSJdXQ/PA071612.JPG?sha=07364377a3f703ae" height="169" width="225">
(This is the about/me html from wymeditor) <p><img data-rel="225x255" alt="Pa071612" title="Pa071612" src="/system/images/W1siZiIsIjIwMTQvMDkvMTgveXh2MzhwNmRoX1BBMDcxNjEyLkpQRyJdLFsicCIsInRodW1iIiwiMjI1eDI1NVx1MDAzZSJdXQ/PA071612.JPG?sha=07364377a3f703ae" height="169" width="225" /></p>
<p>Tom at The Pinnacles (image inserted via wymeditor)</p>(This is the home page html from wymeditor) <p>Welcome to our site. This is just a place holder page while we gather our content.</p>
<p><img data-rel="225x255" alt="Pa071612" title="Pa071612" src="/system/images/W1siZiIsIjIwMTQvMDkvMTgveXh2MzhwNmRoX1BBMDcxNjEyLkpQRyJdLFsicCIsInRodW1iIiwiMjI1eDI1NVx1MDAzZSJdXQ/PA071612.JPG?sha=07364377a3f703ae" height="169" width="225" /></p>
<p>Image inserted by copying <img> tag from about/me page.</p> |
|
anitagraham's solution worked for me (with Dragonly 1.0.7). |
Problem: when inserting an image with the image picker in an image field, the preview is broken (broken image tag). (otherwise the preview works) Solution: the image path is: `<path>?sha=some_sha?23432`, notice the random integer at the end, which isn't needed anymore (I assume). So I just deleted that part in the js file. Background: * the problem was mentioned by @eshaiju in refinery#2681 (comment) * the random int was added here: refinery@ec3f2a9
|
Fixed by #2716 |
|
same problem, fixed by setting the dragonfly_secret config, thx @caifara |
|
To fix the issue, define a dragonfly secret in an initialiser. Refinery doesn't hardcode this for security reasons but maybe a warning saying this would be a good idea? |
|
Could the initial install of Refinery create the initialiser with a generated value ( Generated value from StackOverflow. There may well be a better way to do this. |
|
+1 for auto generate a random string for |
|
PR which always sets config.dragonfly_secret submitted. |
|
Thanks for the tip @anitagraham and I've got this set in Hang on, will confirm, may have gotten this working. |
|
@anitagraham Hi Anita, I'va set the secret for Dragonfly but this issue continues. We are not a lone it seems: I've further described my issue there ^^ |
|
After migrating to Rails 4, and the newest version of refinerycms, this issue is breaking a bunch of our old images in production. Is there a way via the Refinery initializers to disable the Dragonfly SHA check until this gets fixed? We've tried the above solutions and nothing is working. |
|
Hi @ddean, follow my steps here (#2931 (comment)) to disable DOS protection in Dragonfly. I also had older content with the SHA param attached and they are rendering fine. |
|
@bsodmike that seems to be working great. Thanks, much appreciated. I was thinking that I would have to scrape all the img elements in our pages and recalculate their src values. |
|
My pleasure @ddean. Also dropped you an email :) |
HI, since you have added the alt and title attribute to the Images, its seems to be broken.
Every time i restart the Server, all the Images that are included via the image picker to the wymeditor have a broken link.
Bad Request 400 (The SHA parameter you gave (f6321f708287aa9b) is incorrect)
Then i have to re insert the Image and it works until i restart the Server....
Regards Dino
EDIT:
Its a very strange behavor. Sometime the images disapear by just refreshing the Page. And sometimes they re apear... In the Backend Image library, the url of the Original images are always working. But if you insert them into the page, its seems a little bit broken...
The text was updated successfully, but these errors were encountered: