I am storing images from react to active storage. For this I have used react-quill which is a text editor and integrated it with active storage.
Now the issue is when I upload an image, I am able to store it to active storage and get back signed_id and file_name which I use to place in the src attribute of my image tag. The image src simply looks like:
/rails/active_storage/blobs/:signed_id/:filename
the signed_id and filename gets replaced however. This is working fine and I see images on the application. But I am not able to view images in mandrill emails when I send them using this format for active storage.
What am I missing here? Is there some other to alter the link to view images in email as well. TIA
Related
In my application, users can change the background image of a banner. They upload the file using Simple Form and Active Storage. It's working correctly but we had a user trying to upload a file name banner-website.png (2).png. The file is uploaded and saved but doesn't appear as a background image. I guess this happens because of special characters in the filename.
What is recommended to avoid such situations? Do we need to sanitize file names?
Several things to check:
Check the console and tried to view the CSS and see if the full link
is being populated? Try checking the CSS code and copy the link to
an address bar to see if the image loads from that direction.
Check the users png file to make sure its not corrupt. PNG headers that are corrupt can cause issues displaying in a website.
Check to see if your sanitizing plugin is causing an issue with that file. I have never used that one so regarding that I cannot say.
I tried uploading a file with a same name into my Rails 6 testbench (vanilla with active storage and stimulus js) and it works fine. It could be a conflicting CSS code too.
Just my 2 cents.
I've found the solution here: Rails Active Storage - Background Image invalid property?
Adding a single quote around the URL solved it.
I have a Rails application where I am storing image in the model using
has_one_attached: logo
However, when I check in the AWS console, I see that the file is saved as a text file with the contents of SVG in it. When I try to retrieve the image using a signed URL, it gives me back the content of the text file.
I want to display this image in my HTML. How can I render this SVG in my application?
because svg is text ,it will be saved as text.
for displaying it in rails app this answer should work
I have a rails app, in which i store some images in AWS, and show them in a PDF report. When there is no images to be shown, i show a placeholder, like this one here: .
The problem is: the image is not show in the PDF file. When in debug mode, the image is shown as usual, but never in my PDF! The link to the image is like this: https://dl.dropboxusercontent.com/u/4096865/missing.png
Edit 1:
I tried to include the image like this: image_tag("https://dl.dropboxusercontent.com/u/4096865/missing.png")
The solution i've found was simple, but prevented me from using dropbox for storage: it must be a http url. So, when i uploaded it to AWS S3, it worked!
So, this here works perfectly: image_tag("http://s3-sa-east-1.amazonaws.com/base-fisc-prod/missing.png")
This is an issue with images stored in a HTTPS link, the easiest way to solve this is to store the images in a HTTP link.
If you must store them in HTTPS, use this solution provided here
I am using Summer Note (http://hackerwins.github.io/summernote/) in my CMS to edit pages. For images, summer note allows you to insert images as img tag with a bunch of data (not uploaded to the server and stored in filesystem, but stored directly into database). So I am storing images within the HTML text, which is all stored in my postgres database (data type is text).
When the html is displayed on the front end, the text shows up fine but the images are broken. Is this due to the data type (text) or does there exist a better WYSIWYG bootstrap solution that allows uploading of images, as well as resizing them? Or perhaps a hack that could get around that to using uploaded images to the filesystem?
Have you tried adding .html_safe
Example:
#page.content.html_safe
I have a website that shows galleries. Users can upload their own content from the web (by entering a URL) or by uploading a picture from their computer.
I am storing the URL in the database which works fine for the first use case but I need to figure out where to store the actual images if a user does a upload from their computer.
Is there any recommendation here or best practice on where I should store these?
Should I save them in the appdata or content folders? Should they not be stored with the website at all because it's user content?
You should NOT store the user uploads anywhere they can be directly accessed by a known URL within your site structure. This is a security risk as users could upload .htm file and .js files. Even a file with the correct extension can contain malicious code that can be executed in the context of your site by an authenticated user allowing server-side or client-side attacks.
See for example http://www.acunetix.com/websitesecurity/upload-forms-threat.htm and What security issues appear when users can upload their own files? which mention some of the issues you need to be aware of before you allow users to upload files and then present them for download within your site.
Don't put the files within your normal web site directory structure
Don't use the original file name the user gave you. You can add a content disposition header with the original file name so they can download it again as the same file name but the path and file name on the server shouldn't be something the user can influence.
Don't trust image files - resize them and offer only the resized version for subsequent download
Don't trust mime types or file extensions, open the file and manipulate it to make sure it's what it claims to be.
Limit the upload size and time.
Depending on the resources you have to implement something like this, it is extremely beneficial to store all this stuff in Amazon S3.
Once you get the upload you simply push it over to Amazon and pop the URL in your database as you're doing with the other images. As mentioned above it would probably be wise to open up the image and resize it before sending it over. This both checks it is actually an image and makes sure you don't accidentally present a full camera resolution image to an end user.
Doing this now will make it much, much easier if you ever have to migrate/failover your site and don't want to sync gigabytes of image assets.
One way is to store the image in a database table with a varbinary field.
Another way would be to store the image in the App_Data folder, and create a subfolder for each user (~/App_Data/[userid]/myImage.png).
For both approaches you'd need to create a separate action method that makes it possible to access the images.
While uploading images you need to verify the content of the file before uploading it. The file extension method is not trustable.
Use magic number method to verify the file content which will be an easy way.
See the stackoverflow post and see the list of magic numbers
One way of saving the file is converting it to binary format and save in our database and next method is using App_Data folder.
The storage option is based on your requirement. See this post also
Set upload limit by setting maxRequestLength property to Web.Config like this, where the size of file is specified in KB
<httpRuntime maxRequestLength="51200" executionTimeout="3600" />
You can save your trusted data just in parallel of htdocs/www folder so that any user can not access that folder. Also you can add .htaccess authentication on your trusted data (for .htaccess you should kept your .htpasswd file in parallel of htdocs/www folder) if you are using apache.