They have authorized_extensions set to *. The file uploads just fine. I see it in the filesystem. The permissions are right. file says that it’s an MP4 file. The record in rails looks OK:
but accessing it returns a 404. There were a couple of new features and bug fixes for mp4 recently, but I just ran an upgrade and it’s still not working. I don’t know where else to look.
The problem is that the nginx config is allowing only certain file types. Moving this to bug.
In discourse.conf is this stanza:
# this allows us to bypass rails
location ~* \.(gif|png|jpg|jpeg|bmp|tif|tiff|ico|webp)$ {
add_header Access-Control-Allow-Origin *;
try_files $uri =404;
}
I added mp3 and mp4 to the file types (after webp and mp4s now work) to the discourse.conf inside the container. I see “bypass rails” in discourse_dockerconfig/nginx.sample.conf. I don’t see how it gets into the template inside docker, so I don’t know how to figure out when this happened.
They have * in for allowed file types. I don’t know if there is some magic that would allow the mp3/mp4 to work if they were enumerated in the site settings, but I don’t see how that could be.
and the show method should just send the file. The nginx config would only make it more efficient by bypassing rails, but this is not a requirement.
Oh… the authorized_extensions are only for upload authorization, not for downloads (i.e. an extension not being in that list should not prevent a file from being downloaded).
I’m unable to repro this on latest tests-passed so you might want to move it back to support
EDIT I googled the site and it seems you have other problems.
I still don’t understand that Service Worker message, but I turned off prevent_anons_from_downloading_files and now it’s working. It seems that the “prevent_anons” setting is incompatible with CDN?
And I think you’re looking at https://www.turiver.com/t/argentina-la-sociedad-perdida/117158/8017 which is pulling from the CDN when I look, but logged in and not logged in.