Prevent anonymous users from viewing image and file links

Wonderful!

@mbcahyono could you please create a new topic for the plugin in plugin?

3 Likes

The Discourse Images Guardian plugin no longer works with the latest Discourse beta — you can’t set a URL for the logos any more, so all images now require authentication. This results in the site logos returning 404s for non-authenticated users. I have opened an issue for this on GitHub to see if we can find a way to solve this.

The Discourse Images Guardian has been updated by @mbcahyono so it now works with the latest Discourse beta. I have deployed it to a couple of servers running v2.3.0.beta1 :slight_smile:.

4 Likes

The Discourse Images Guardian plugin doesn’t currently work with the latest Discourse v2.3.0.beta5, and I have had to disable it on a couple of sites. I have raised an issue for this on GitHub and hopefully @mbcahyono will have a suggestion for a fix for this soon.

2 Likes

Today we began internally trialling a new “secure media” setting, which is only usable if S3 uploads are enabled. What this will do is the following:

  • For Discourse instances that have the “login required” setting enabled, all uploads are considered secure, but if the setting is not enabled, only private message uploads are considered secure.
  • All securely uploaded media URLs within posts and private messages will no longer directly point to the file, but will go through an endpoint to determine access to the media first based on site settings.
  • Secure media in emails are replaced by placeholder text prompting users to log in to the Discourse instance to view the media.
  • If an upload has been used in a secure context previously, we do not allow posting the same upload in a public topic.

This setting is currently only available for self-hosted Discourse instances. We will provide further updates once we have completed internal trials.

14 Likes
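
The four rules in the post above, as an added example that is not part of the original thread and is not Discourse's own code: a simplified Ruby model of when an upload counts as secure, how its link changes, and when reuse is refused. The class and method names, URL paths, placeholder wording and the participants-only check for private messages are all assumptions.

```ruby
# Simplified model of the secure media rules described in the post above.
# Not Discourse source code: every class, method and URL path is hypothetical.
Upload = Struct.new(:path, :secure, :readers)

class SecureMediaModel
  PLACEHOLDER = "[secure media: log in to view]" # constructed wording

  def initialize(login_required:)
    @login_required = login_required
  end

  # Rule 1: with "login required" every upload is secure; otherwise only
  # private message uploads are.
  def secure_context?(context)
    @login_required || context == :private_message
  end

  # Rule 4: an upload already used securely cannot be posted in a public topic.
  # readers: PM participants (assumption), or nil for "any logged-in user".
  def attach(upload, context, readers: nil)
    if secure_context?(context)
      upload.secure = true
      upload.readers = readers
    elsif upload.secure
      raise ArgumentError, "#{upload.path} was already used in a secure context"
    end
    url_for(upload)
  end

  # Rule 2: secure uploads are linked through an access-checking endpoint,
  # never directly to the file.
  def url_for(upload)
    upload.secure ? "/secure-endpoint/#{upload.path}" : "/uploads/#{upload.path}"
  end

  # The endpoint's decision, as an HTTP-style status, for a request by `user`
  # (nil means anonymous).
  def status_for(upload, user)
    return 200 unless upload.secure
    return 403 if user.nil?
    (upload.readers.nil? || upload.readers.include?(user)) ? 200 : 403
  end

  # Rule 3: emails carry a placeholder instead of the secure media link.
  def email_body(text, upload)
    upload.secure ? text.gsub(url_for(upload), PLACEHOLDER) : text
  end
end
```
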

What are the downsides of this? Does it affect performance at all?

The URL for media in posts/private messages is simply replaced with a Discourse server URL which then serves the private S3 URL for the upload.

2 Likes

Just to clarify here.

The downside is that you cannot use a CDN anymore for private stuff and every image request / download has to “pipe” through the app to unlock the bucket for a user.

On small internal forums it is very unlikely you will notice anything. On huge forums that require login, giving up the CDN and piping requests via the app may have some impact.

6 Likes

The Image Guardian plugin doesn’t work with the latest version of Discourse, and I have opened an issue about this on GitHub:

I looked into using the Secure uploads option, but it requires the use of S3, which is not the case for the forum in question. So this is still needed, and hopefully @mbcahyono will be able to solve this problem… :crossed_fingers:

@chrisc It’s holiday season here, so I will check it next week :slight_smile:

1 Like

That’s amazing, thanks @mbcahyono, happy holidays! :slight_smile:

@chrisc

This should fix the rebuild error. I haven’t had a chance to test the actual functionality yet.

1 Like

That’s great, @mbcahyono. I have installed and tested it and it works fine :slight_smile: Thanks again!

1 Like

Would it also be possible to protect user-uploaded avatar images, along with the images that require a cookie to view?

Their URL paths look like /user_avatar/$DOMAIN_NAME/$USER_NAME/$NUNBER/$ANOTHER_NUMBER.png.