Open chladog opened 1 year ago
The following filters may satisify some of the goal. Would you try it out?
raw()
response with a raw unprocessed and unchecked source image. Image still loads from loader and storage but skips the result storage
Adding raw()
filter would allow fetching original files.
Loading original file should be disabled by default hence only accessible via filter. Because untrusted SVG can very easily contains malicious code.
dpi(num) specify the dpi to render at for PDF and SVG
The default dpi for PDF/SVG is 72, this filter allow specifying for a higher dpi.
Though it may be a good idea to allow setting a default config for default dpi.
The following filters may satisify some of the goal. Would you try it out?
raw()
response with a raw unprocessed and unchecked source image. Image still loads from loader and storage but skips the result storageAdding
raw()
filter would allow fetching original files.Loading original file should be disabled by default hence only accessible via filter. Because untrusted SVG can very easily contains malicious code.
dpi(num) specify the dpi to render at for PDF and SVG
The default dpi for PDF/SVG is 72, this filter allow specifying for a higher dpi.
Though it may be a good idea to allow setting a default config for default dpi.
Hello,
I feel a little dumb, that I missed the raw()
and dpi()
filters, so sorry for that, that's great and kind of what I need. Definitely being able to set the default dpi would be great, as the client doesn't necessarily know the mimetype in advance and adding it to all urls feels redundant.
Still the first feature stands as would be very useful, as the client doesn't necessarily know the mimetype in advance (we don't include extensions as it's confusing to serve WebP with .PNG extension for example), and therefore doesn't know for which image raw()
should be set. I understand your security concern about malicious code, but for example in our environment we have absolute control on what files get in the source bucket it's either from a trusted source or potentially security check can be implemented on uploading.
Additionally the conditional conversion based on SVG filesize would be real sweet.
I know I could serve SVG outside Imagor completely, but still want to
Config flag like RAW_UNTIL=svg:512000,pdf:256000
where you set the comma separated list of format and filesize in bytes would be perfect, then you could use same for other formats as well.. If not set default current behavior ofc.
I'm in the same situation. Only admins are able to upload SVGs in our app so handling this automatically via a config setting would be great.
Hello, loving your great work and thank you for it! After using it for a while I encoutered a fewproblems - here are ideas for additional betterment:
Omit SVG from auto-format
We are using
IMAGOR_AUTO_WEBP=1
andIMAGOR_AUTO_AVIF=1
. It's working great for bitmap images, however I'm in need of an option to omit this behavior for vector SVG images as most of the time it makes more sense to just render SVGs as is - filesize often smaller than bitmap, and render quality always better. Obviously the conversion would happen if there is any manipulation or processing filter used (maybe pure SVG manipulation in the future? ;-) )Ideally such feature would even take a configurable filesize limit and overly complex SVGs over the limit (like filesize over 0.5 MB) would actually be converted, however the small enough images like icons, logos would be kept as SVG.
~~## Better quality SVG2Bitmap Additionally it would be great to overall enhance the quality of the SVG to bitmap conversion currently produces blurred images even on 1:1.~~
~~## Fetching original files In our current deployment we are storing images to private S3 bucket exclusively, and we cannot make it public and we need to protect the originals also by HASH. It would be very handy to be able to get the original file skipping any processing (except the signature verification) through Imagor - something like
/original/PATH2FILE
. (obviously such feature would idealy be possibe to disable in config)~~Would you consider these features?