Comments (3)
I'm in the same situation. Only admins are able to upload SVGs in our app so handling this automatically via a config setting would be great.
from imagor.
The following filters may satisify some of the goal. Would you try it out?
raw()
response with a raw unprocessed and unchecked source image. Image still loads from loader and storage but skips the result storage
Adding raw()
filter would allow fetching original files.
Loading original file should be disabled by default hence only accessible via filter. Because untrusted SVG can very easily contains malicious code.
dpi(num) specify the dpi to render at for PDF and SVG
The default dpi for PDF/SVG is 72, this filter allow specifying for a higher dpi.
Though it may be a good idea to allow setting a default config for default dpi.
from imagor.
The following filters may satisify some of the goal. Would you try it out?
raw()
response with a raw unprocessed and unchecked source image. Image still loads from loader and storage but skips the result storageAdding
raw()
filter would allow fetching original files.Loading original file should be disabled by default hence only accessible via filter. Because untrusted SVG can very easily contains malicious code.
dpi(num) specify the dpi to render at for PDF and SVG
The default dpi for PDF/SVG is 72, this filter allow specifying for a higher dpi.
Though it may be a good idea to allow setting a default config for default dpi.
Hello,
I feel a little dumb, that I missed the raw()
and dpi()
filters, so sorry for that, that's great and kind of what I need. Definitely being able to set the default dpi would be great, as the client doesn't necessarily know the mimetype in advance and adding it to all urls feels redundant.
Still the first feature stands as would be very useful, as the client doesn't necessarily know the mimetype in advance (we don't include extensions as it's confusing to serve WebP with .PNG extension for example), and therefore doesn't know for which image raw()
should be set. I understand your security concern about malicious code, but for example in our environment we have absolute control on what files get in the source bucket it's either from a trusted source or potentially security check can be implemented on uploading.
Additionally the conditional conversion based on SVG filesize would be real sweet.
I know I could serve SVG outside Imagor completely, but still want to
- have it protected with hash
- have consistent client-side codebase for all mimetypes (same image host, processing, signatures)
- actually be able to use format conversion or filters on SVGs if needed
Config flag like RAW_UNTIL=svg:512000,pdf:256000
where you set the comma separated list of format and filesize in bytes would be perfect, then you could use same for other formats as well.. If not set default current behavior ofc.
from imagor.
Related Issues (20)
- Feature request: Image Presets
- Default domain feature: Allow secondary domain HOT 2
- Example of Signature in Go? HOT 1
- Multi-frame images (gif, tiff) and max height calculation
- Feature Request: Option to exclude /healthcheck from access logs HOT 1
- Feature request: color specific `meta` information
- use default quality,avif image size too large
- returning response headers from origins HOT 9
- round_corner filter fails for bmp images
- fill(none) fails on a grayscale image HOT 2
- CR2 support
- Thumbnail Extraction from .mov Issue HOT 1
- Feature Request: Header Auth Support? HOT 2
- Does not save watermark in FILE_STORAGE_BASE_DIR HOT 6
- Using font HOT 1
- NEF format poor quality
- Feature: watermark support text HOT 3
- Image processing on GPU HOT 1
- What it's for imagor HOT 1
- Corrupted images in "file_result_storage" directory HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from imagor.