Incorrect signed URL

Question

Incorrect signed URL

Closed this issue 2 years ago · 7 comments

Steps to reproduce:

Turn on Restricting Unsigned URLs from your imagekit dashboard as per docs here.

Then using the code below, generate a URL for one of the uploaded assets in the media library. Try to access the URL, it will return an error.

require 'imagekitio'

public_key = 'public_key'
private_key = 'private_key'
url_endpoint = 'https://ik.imagekit.io/endpoint'

imagekitio = ImageKitIo::Client.new(private_key, public_key, url_endpoint)

path = "https://url/";

print imagekitio.url({
  path: CGI.escape(path),
  url_endpoint: 'https://ik.imagekit.io/endpoint/proxy',
  transformation_position: 'query',
  query_parameters: {
          tr: 'w-263,h-197,fo-center,cm-pad_resize,dpr-2.0,rt-auto:ow-526,oh-394,obg-00000003'
  },
  signed: true
})

Answer 1 · 2022-07-07T12:51:38.000Z

Can you try it without escaping the URL, and use src parameter rather than path parameter.
eg:

print imagekitio.url({
  src: path,
  url_endpoint: 'https://ik.imagekit.io/endpoint/proxy',
  transformation_position: 'query',
  query_parameters: {
          tr: 'w-263,h-197,fo-center,cm-pad_resize,dpr-2.0,rt-auto:ow-526,oh-394,obg-00000003'
  },
  signed: true
})

Answer 2 · 2022-07-07T12:55:30.000Z

Hi,

I'm the one who originally submitted this to your support.

I tried your approach @bishosilwal but that only generates a non imagekit url with the transformations attached via query string. Here's an example of the generated url:
https://contents.mediadecathlon.com/p1603686/k$03b0ee351fc5b91f54d4b7571a9fa8b4/sq/Steckschnallen+Trekkingrucksack+38+mm.jpg?ik-sdk-version=ruby-2.2.0&tr=w-263,h-197,fo-center,cm-pad_resize,dpr-2.0,rt-auto:ow-526,oh-394,obg-00000003&ik-s=fde8f29fff7c83f99107cae39b7687bc857a7fca&ik-t=1657198739

path = 'https://contents.mediadecathlon.com/p1603686/k$03b0ee351fc5b91f54d4b7571a9fa8b4/sq/Steckschnallen+Trekkingrucksack+38+mm.jpg'
ImageKitIo.client.url({
    # path: CGI.escape(path),
    src: path,
    url_endpoint: 'https://ik.imagekit.io/enabee/22lines-proxy',
    transformation: [transformations, ...],
    transformation_position: 'query',
    signed: true,
  })

Answer 3 · 2022-07-07T13:32:57.000Z

@bishosilwal The SDK needs to work correctly with both path and src params

Answer 4 · 2022-07-08T08:53:48.000Z

@cspeer We get the issue and will fix it soon. Thanks

Answer 5 · 2022-07-14T16:05:40.000Z

@cspeer please check this in version 2.2.1

Answer 6 · 2022-07-19T10:00:58.000Z

@imagekitio it's working now. thanks!
however, it appears that expire_seconds has no effect. Generated URLs return an Unauthorized only seconds after they are accessed directly even if I set expire_seconds to 5 minutes or more.

Answer 7 · 2022-07-19T10:03:11.000Z

@cspeer we can take that up separately on support. Closing this particular issue now.