search

FriendsOfFlarum / upload

The file upload extension with insane intelligence for your Flarum forum.
https://discuss.flarum.org/d/4154
MIT License
176 stars 96 forks source link

Something went wrong when I tried to upload a image to AWS S3 #325

Closed essesoul closed 2 months ago

essesoul commented 2 years ago

Bug Report

Something went wrong when I tried to upload a image to AWS S3 ,I can see the image in my Bucket, whitch mean it had been successfully uploaded . But that image cannot be inserted into the edit box automatically, it can only be added manually using the media manager.

Environment

I turned on debug mode and saw some error messages

POST https://www.dtcommunity.top/api/fof/upload

<br />
<b>Warning</b>: is_readable(): open_basedir restriction in effect. File(/home/www/.aws/config) is not within the allowed path(s): (/www/wwwroot/community.dtnetwork.top/:/tmp/) in <b>/www/wwwroot/community.dtnetwork.top/vendor/aws/aws-sdk-php/src/DefaultsMode/ConfigurationProvider.php</b> on line <b>152</b><br />
<br />
<b>Fatal error</b>: Uncaught Laminas\HttpHandlerRunner\Exception\EmitterException: Output has been emitted previously; cannot emit response in /www/wwwroot/community.dtnetwork.top/vendor/laminas/laminas-httphandlerrunner/src/Exception/EmitterException.php:24
Stack trace:
#0 /www/wwwroot/community.dtnetwork.top/vendor/laminas/laminas-httphandlerrunner/src/Emitter/SapiEmitterTrait.php(40): Laminas\HttpHandlerRunner\Exception\EmitterException::forOutputSent()
#1 /www/wwwroot/community.dtnetwork.top/vendor/laminas/laminas-httphandlerrunner/src/Emitter/SapiEmitter.php(27): Laminas\HttpHandlerRunner\Emitter\SapiEmitter-&gt;assertNoPreviousOutput()
#2 /www/wwwroot/community.dtnetwork.top/vendor/laminas/laminas-httphandlerrunner/src/RequestHandlerRunner.php(98): Laminas\HttpHandlerRunner\Emitter\SapiEmitter-&gt;emit()
#3 /www/wwwroot/community.dtnetwork.top/vendor/flarum/core/src/Http/Server.php(44): Laminas\HttpHandlerRunner\RequestHandlerRunner-&gt;run()
#4 /www/wwwroot/community.dtnetwork.top/public/index.php(26): Flarum\Http\Server-&gt;listen()
#5 {main}
thrown in <b>/www/wwwroot/community.dtnetwork.top/vendor/laminas/laminas-httphandlerrunner/src/Exception/EmitterException.php</b> on line <b>24</b><br />
essesoul commented 2 years ago

Tried turning off anti-cross-site attacks when I saw "open_basedir", and the functionality returned to normal, but it's probably not a good solution .

clarkwinkelmann commented 2 years ago

I'm not sure, but from the error message and location I would guess the Amazon SDK automatically tries to find some configuration files in common locations.

I'm not sure if we can explicitly tell the SDK to not do that :thinking:

luceos commented 2 years ago

I'm not sure either. I wouldn't expect a config file on a production server.

This would need some investigation.

LiteCat0905 commented 10 months ago

嘿! 你们有什么进展吗?有解决方法了吗?

clarkwinkelmann commented 10 months ago

@LiteCat0905 @essesoul can you provide more details on how you configured the S3 adapter with FoF Upload?

From the error message my guess is that the OP left the credentials empty, which causes the AWS SDK to lookup default credentials on the server, however PHP basedir restrictions prevent the SDK from reading files out of the Flarum folder.

In that case the next question is: where are you trying to read credentials from? If you provided credentials directly in the Flarum extension settings, then that's an error for us to fix. Can you provide steps to reproduce from a fresh VPS? If you are really trying to let the SDK use global credentials, then you need to fix your PHP configuration to allow the SDK to read the /home/www/.aws folder.

I'm also not sure whether /home/www/.aws is really a default location or if it's being read from an environment variable. In that case you might also need to adjust the variable if you are trying to read global configuration from elsewhere.

I really don't know enough about the AWS PHP SDK to know in which order and where global configuration is read. The idea is that if you put credentials in the Flarum extension, we forward it to the SDK and it shouldn't look elsewhere. But maybe it still looks for other configuration files in a global folder. If the SDK has a method to call to prevent looking for files out of the Flarum folder we could add a new option for that in the extension settings, but I don't know if that's a thing. We'll need some help with people familiar with the AWS SDK.

github-actions[bot] commented 2 months ago

This issue has been automatically closed because it received no activity for three months. If you think it was closed by accident, please leave a comment. If you are running into a similar issue on the latest version, please open a new issue. Thank you.