[rt-users] Problem with interpretation of images

Alexander Reintzsch alexander.reintzsch at netsystem.de
Mon Jun 11 05:49:13 EDT 2012


Am Mittwoch, den 06.06.2012, 15:04 -0400 schrieb Thomas Sibley:
> On 06/06/2012 12:10 PM, Paul Tomblin wrote:
> > I've encountered the same problem even if I put my image in
> > /opt/rt4/share/html/NoAuth/images, at least with the standalone
> > server.
> 
> Try the dhandler approach.  Serve images out of a subdirectory from
> virtual paths.  See how we do this with the CKEditor source.

So, here is what I did to solve this problem. Thanks for this
suggestion. Now I do understand how this thing with the dhandler works.

I moved! my images into a subfolder called hiddensource. The image-file
may not exist in the original folder anymore!
So /NoAuth/plugin/images/sample.jpg is now located in
/NoAuth/plugin/images/hiddensource/sample.jpg.

Then I created the dhandler file in /NoAuth/plugin/images/. Its content
is
<%INIT>
use File::Basename;
my $arg = $m->dhandler_arg;
my $file = dirname($m->current_comp->source_file) . '/hiddensource/'.
$arg;
RT::Interface::Web->SendStaticFile( File => $file );

$m->abort;
</%INIT>

To make sure that the files in hiddensource are not accessed via the
browser from outside, because this might cause a security flaw, I also
had to adjust my Apache Server.
<LocationMatch /NoAuth/.*/?hiddensource/>
   Order deny,allow
   Deny from all
</LocationMatch>

This can be done in a .htaccess-file in the hiddensource subfolder or in
the main config where you configure apache for your RT.

So my sample.jpg will be accessible via /NoAuth/plugin/images/sample.jpg
and will not be interpreted by Mason. But nobody can access it
via /NoAuth/plugin/images/hiddensource/sample.jpg

I hope this will help somebody else. Thanks to everybody for the
support. :)

Alex




More information about the rt-users mailing list