That, might depend on where you are adding your whitelist?
eg are you adding it to the RemoteImageService service in the security.config?
<service prefix="remote.axd" name="RemoteImageService" type="ImageProcessor.Web.Services.RemoteImageService, ImageProcessor.Web">
<!-- The timeout for a request in milliseconds and the maximum
allowable download in bytes. -->
<settings>
<setting key="MaxBytes" value="4194304"/>
<setting key="Timeout" value="3000"/>
<!-- Added version 4.2.0. -->
<setting key="Protocol" value="http"/>
<!-- Added version 4.7.0. Optional -->
<!-- Sets a useragent value for the request. Useful for social networks.
See http://www.useragentstring.com/ for available values. -->
<setting key="Useragent" value=""/>
</settings>
<!-- Sets allowable domains to process images from. -->
<whitelist>
<add url="http://images.mymovies.net"/>
<add url="http://maps.googleapis.com"/>
</whitelist>
</service>
<?xml version="1.0" encoding="utf-8"?>
<security>
<!--Added v4.3.0 -->
<cors>
<whitelist>
<!--
Demo: Adding a url will send cors headers to that requesting url.
"*" acts as a universal selector.
-->
<add url="http://imageprocessor.org"/>
</whitelist>
</cors>
<services>
<service name="LocalFileImageService" type="ImageProcessor.Web.Services.LocalFileImageService, ImageProcessor.Web"/>
<!--Disable the LocalFileImageService and enable this one when using virtual paths. -->
<!--<service name="CloudImageService" type="ImageProcessor.Web.Services.CloudImageService, ImageProcessor.Web">
<settings>
<setting key="MaxBytes" value="8194304"/>
<setting key="Timeout" value="30000"/>
<setting key="Host" value="http://yourhost.com/"/>
</settings>
</service>-->
<service prefix="remote.axd" name="RemoteImageService" type="ImageProcessor.Web.Services.RemoteImageService, ImageProcessor.Web">
<!-- The timeout for a request in milliseconds and the maximum
allowable download in bytes. -->
<settings>
<setting key="MaxBytes" value="4194304"/>
<setting key="Timeout" value="3000"/>
<!-- Added version 4.2.0. -->
<setting key="Protocol" value="http"/>
<!-- Added version 4.7.0. Optional -->
<!-- Sets a useragent value for the request. Useful for social networks.
See http://www.useragentstring.com/ for available values. -->
<setting key="Useragent" value=""/>
</settings>
<!-- Sets allowable domains to process images from. -->
<whitelist>
<add url="https://betzold.de"/>
<add url="https://static.betzold-educational.com"/>
<add url="https://static.betzold.de"/>
<add url="https://betzold-educational.com"/>
<add url="https://static.betzold-educational.com"/>
<add url="https://rasquin.net"/>
</whitelist>
</service>
<!-- Add other service implemtations here. -->
</services>
</security>
As you can see above, I have added several whitelist domains.
Same Image on three drifferent servers. Here is the result
https://code4.it/ is the only domain under which the image processing works. Even though it has not been added to the whitelist.
Are there any serverside restrictions that could prevent the images beeing processed?
I'm on my test environment on my local maschine but have set up a test domain on IIS : https://campusshop.localtest.me/ pointing to 127.0.0.1 so I can run the site under https
Image processor whitelist not working
I am trying to process images from a remote url in my website.
As far as I understand it is as easy as adding a whitelist url in the Security.Config as so:
I am running Umbraco version 8.11.1 and double checked that the nuget packages are installed and up to date:
When inspecting the page in the browser I get the following:
But unfortunately it does not process the image. Am I missing something?
Hi Edgar
That, might depend on where you are adding your whitelist?
eg are you adding it to the RemoteImageService service in the security.config?
and should you have:
instead of just the domain?
regards
Marc
Hi Marc,
thanks for your reply.
This is my security.config:
As you can see above, I have added several whitelist domains.
This is my test code:
Same Image on three drifferent servers. Here is the result
https://code4.it/ is the only domain under which the image processing works. Even though it has not been added to the whitelist.
Are there any serverside restrictions that could prevent the images beeing processed?
I'm on my test environment on my local maschine but have set up a test domain on IIS : https://campusshop.localtest.me/ pointing to 127.0.0.1 so I can run the site under https
Hi Edgar
If you reference the external images via the remote.axd handler
/remote.axd/your-external-image?width=300
/remote.axd?http://your-external-image?width=300
eg
or
Does that force the external image through the image processor pipeline?
https://imageprocessor.org/imageprocessor-web/imageprocessingmodule/
regards
Marc
Hi Marc,
yes the first option works:
Thank you so much for helping me out!
Have a nice day
is working on a reply...