sveetch
commented
1 year ago As you probably already know it, this is a limit from PIL : https://pillow.readthedocs.io/en/stable/reference/Image.html#PIL.Image.MAX_IMAGE_PIXELS . The bug occurs in richie from django-filer which use easy_thumbnails and then PIL to create thumbnails.
Commonly you can change it easily by setting it again just after a PIL import:
import PIL.Image
PIL.Image.MAX_IMAGE_PIXELS = 933120000However this is a relevant limit to avoid uploading image in a very large resolution which is rarely necessary and cause intensive CPU work to process thumbnails.
The different exception is probably because of different settings on the site (funedu) where the DecompressionBombError is raised, it probably disable the silent failure from easy_thumbnails. And every other sites do not disable it so it fails on NoSourceGenerator because it tried to use another image file backend before failing.
And about the NotImplementedError("This backend doesn't support absolute paths."), this is something related to some cloud plateform (like AWS or GKE) and boto, these plateform don't support absolute path in their api.
Expected behavior
Prevent uploading images that exceed the pixel limit allowed.
Actual behavior (on funedu)
It's possible to upload images exceeding the limit in pixels allowed on Richie FUN Campus. As a result, they break the access to folder pages on the filer (error 500). For instance, this image uploaded on this folder.
I don't know if it's a Richie issue, but the same image uploaded on other sites seems not to break pages on the filer (tried on fun-mooc preprod and demo.richie.education).
Sentry shows a
NoSourceGeneratorerror (https://sentry.io/share/issue/6aea83043656405f8b80c11296a9c5b3/):NB: This error also appears on other sites: