Incorrect signed URL
Closed this issue · 7 comments
Steps to reproduce:
Turn on Restricting Unsigned URLs from your imagekit dashboard as per docs here.
Then using the code below, generate a URL for one of the uploaded assets in the media library. Try to access the URL, it will return an error.
require 'imagekitio'
public_key = 'public_key'
private_key = 'private_key'
url_endpoint = 'https://ik.imagekit.io/endpoint'
imagekitio = ImageKitIo::Client.new(private_key, public_key, url_endpoint)
path = "https://url/";
print imagekitio.url({
path: CGI.escape(path),
url_endpoint: 'https://ik.imagekit.io/endpoint/proxy',
transformation_position: 'query',
query_parameters: {
tr: 'w-263,h-197,fo-center,cm-pad_resize,dpr-2.0,rt-auto:ow-526,oh-394,obg-00000003'
},
signed: true
})
Can you try it without escaping the URL, and use src
parameter rather than path
parameter.
eg:
print imagekitio.url({
src: path,
url_endpoint: 'https://ik.imagekit.io/endpoint/proxy',
transformation_position: 'query',
query_parameters: {
tr: 'w-263,h-197,fo-center,cm-pad_resize,dpr-2.0,rt-auto:ow-526,oh-394,obg-00000003'
},
signed: true
})
Hi,
I'm the one who originally submitted this to your support.
I tried your approach @bishosilwal but that only generates a non imagekit url with the transformations attached via query string. Here's an example of the generated url:
https://contents.mediadecathlon.com/p1603686/k$03b0ee351fc5b91f54d4b7571a9fa8b4/sq/Steckschnallen+Trekkingrucksack+38+mm.jpg?ik-sdk-version=ruby-2.2.0&tr=w-263,h-197,fo-center,cm-pad_resize,dpr-2.0,rt-auto:ow-526,oh-394,obg-00000003&ik-s=fde8f29fff7c83f99107cae39b7687bc857a7fca&ik-t=1657198739
path = 'https://contents.mediadecathlon.com/p1603686/k$03b0ee351fc5b91f54d4b7571a9fa8b4/sq/Steckschnallen+Trekkingrucksack+38+mm.jpg'
ImageKitIo.client.url({
# path: CGI.escape(path),
src: path,
url_endpoint: 'https://ik.imagekit.io/enabee/22lines-proxy',
transformation: [transformations, ...],
transformation_position: 'query',
signed: true,
})
@bishosilwal The SDK needs to work correctly with both path
and src
params
@cspeer We get the issue and will fix it soon. Thanks
@cspeer please check this in version 2.2.1
@imagekitio it's working now. thanks!
however, it appears that expire_seconds
has no effect. Generated URLs return an Unauthorized
only seconds after they are accessed directly even if I set expire_seconds
to 5 minutes or more.
@cspeer we can take that up separately on support. Closing this particular issue now.