search

ministryofjustice / itpolicycontent

Draft and review content for MoJ IT Policy.
10 stars 14 forks source link

Broken image in password policy #70

Closed edent closed 5 years ago

edent commented 5 years ago

Expected information

Re: https://github.com/ministryofjustice/itpolicycontent/blob/master/content/security/framework/password-guidance.md

At the bottom is the following code:

<ul>
<li>IT Service Desk:<br/>
<img src="https://s3-eu-west-2.amazonaws.com/intranet-prod-storage-1dvcquh7kophi/uploads/2017/12/e6404c31d65821489a775401ce4b941d.gif">&nbsp;</li>
</ul>

The image is broken. AWS responds with

<Error>
<Code>AccessDenied</Code>
<Message>Access Denied</Message>
<RequestId>6CEE8A566F7EE6A4</RequestId>
<HostId>
1SkFtkblbmned0CmVFTJynBdgsb+gDO7NVs9QLi1onS4im3HsitZ5LaaUleNGPcpiZDt/bJ28b4=
</HostId>
</Error>

Many of the images in other documents appear broken - see

warmanaMOJ commented 5 years ago

Hello,

Thank you - actually, this is working exactly as intended.

The definitive content is published on the MoJ Intranet. When viewed on the Intranet (using a VPN as appropriate), the images are retrieved from AWS and render correctly. Outside the Intranet, they cannot be seen, so GitHub cannot render them, resulting in the error message.

Some images contain contact details for individuals or teams. In order to ensure we avoid any problems of privacy or DoS, we don't make those contact details public.

Bottom line: only content on the Intranet is definitive. Making the source visible through GitHub is intended to be a helpful convenience, but must not be used as a replacement for the definitive Intranet presentation.

Hope this helps.