cagataygurturk / image-resizer-service Goto Github PK

Hey there,

I was wondering if there was any plan to upgrade this project to Node 14 as Node 10 is no longer supported by AWS Lambda.

Error which occurred during deploy:

Resource handler returned message: "The runtime parameter of nodejs10.x is no longer supported for creating or updating AWS Lambda functions. We recommend you use the new runtime (nodejs14.x) while creating or updating functions.

Cheers.

it seems images are being compressed and image quality is degraded when accessed with or without resize params.

Hi!
thanks for your code!
Do you plan to upgrade to node 12x in the short term?
could I update it from my aws console?
Thank you so much
Cheers

It looks like #1 wasn't fixed with 0.1.1 after all.

I'm using the latest version (verified by redeploying and, separately, building and diffing against what the Lambda function code has).

2018-10-06T23:08:25.075Z ba15b78f-c9bc-11e8-933e-0fea3cb0308d ERROR 500 null { Error: Command failed: convert: unable to open image `/tmp/resized.[bucket].[path].600.NaN': No such file or directory @ error/blob.c/OpenBlob/2643.

at ChildProcess. (/var/task/index.js:1:5024)
at emitTwo (events.js:126:13)
at ChildProcess.emit (events.js:214:7)
at maybeClose (internal/child_process.js:925:16)
at Process.ChildProcess._handle.onexit (internal/child_process.js:209:5) timedOut: false, killed: false, code: 1, signal: null }

There are similar errors when both width and height are supplied.

2018-10-06T23:12:15.425Z 435d25d8-c9bd-11e8-b440-87819a8ef2f0 ERROR 500 null { Error: Command failed: convert: unable to open image `/tmp/resized.[bucket].[path].600.600': No such file or directory @ error/blob.c/OpenBlob/2643.

at ChildProcess. (/var/task/index.js:1:5024)
at emitTwo (events.js:126:13)
at ChildProcess.emit (events.js:214:7)
at maybeClose (internal/child_process.js:925:16)
at Process.ChildProcess._handle.onexit (internal/child_process.js:209:5) timedOut: false, killed: false, code: 1, signal: null }

Hello! I found a potential risk in the image-resizer-service when I deployed it in the AWS Serverless Application Repository.

Detailed Analysis:

Before the image-resizer-service was deployed, it needed a parameter which is the name of a S3 Bucket. And the S3 Bucket must exist prior to deployment, but I found that I could construct the name of a bucket that didn't exist, even "*", which caused the permissions of the IAM role assigned to the application to be escalated. By the way, the runtime of this application must be nodejs18.x, but the runtime in the template is nodejs12.x.

Impact:

In normal, the IAM role just can operate on the object of the specific S3 Bucket. But if the parameter is "*", the role can operate on the objects of all S3 Buckets.

Mitigation Discussion:

1. The parameter which is the name of the S3 Bucket should be checked before the application is deployed. It must ensure that the Bucket exists and filters illegal parameters.

2. The version of runtime in the template should be updated to nodejs18.x.

A Few Questions:

1. Is it a real issue in the uploader?
2. If it's a real issue, can any of my suggestions be used to solve this problem?

By the way, I have reported this issue to aws security team, and they said this problem cannot be resolved by AWS. But I didn't find your email, so I have to report this potential risk by creating a GitHub issue. I'm sorry if there is any inconvenience.

Looking forward to your reply.
Regards,
Xunqi Liu

Hi,
Having problem in fetching images that has a space in file name and also in file path.

Lambda has a hard payload limit of 6MB. If this is exceeded for example when retrieving the original sized image of an >6mb image. You get an internal error. Would be nice to get a more descriptive error.

For some reason, some pictures change there orientation as soon as i add a ?width=xxx. Any idea how to prevent this?

As there is no upper bound on the size of an image, a user could create millions of huge images with a simple Postman script.
I'd suggest at least the option to say don't scale an image larger than the original, (or some configurable value) and possibly a granularity so images aren't created that are 300px, 301px, 302px...600px for each of your hosted images.

Hello, i try to test the resize lambda function but i get this error. i saw the latest issues, this bug is fixed normaly...
I user the serverlessrepo:semanticVersion is 0.1.3

When i call my api without parameters, i get well my image from my bucket, but when i pass the parameters, i have the error below.

2021-07-19T19:04:07.623Z	c706883e-3f1e-4c36-9e14-2b7cb29ce322	INFO	ERROR 500 null { Error: Command 
failed: convert: unable to open image /tmp/resized.arn:aws:s3:eu-west-
3:009894959642:accesspoint/accesspoint.img.mithila_1701_det1.jpeg.500.500: No such file or directory @ 
error/blob.c/OpenBlob/3497.

    at ChildProcess.<anonymous> (/var/task/index.js:1:4989)
    at ChildProcess.emit (events.js:198:13)
    at ChildProcess.EventEmitter.emit (domain.js:448:20)
    at maybeClose (internal/child_process.js:982:16)
    at Socket.stream.socket.on (internal/child_process.js:389:11)
    at Socket.emit (events.js:198:13)
    at Socket.EventEmitter.emit (domain.js:448:20)
    at Pipe._handle.close (net.js:607:12) timedOut: false, killed: false, code: 1, signal: null }

do you have an idea ?
thx

Hi,

You mention in your README that you advise setting up CDN in front of the API gateway endpoint to improve performance, cost, etc.

Could you advise how you would do this? I've tried pointing to API Gateway and although it works fundamentally, d=xxx querystring details aren't being respected.

Hi i cant resize my image get 500 all time. this is error from log

2018-08-29T08:08:47.400Z c140e36b-ab62-11e8-bb5f-5f46c0f12ae0 Error: Command failed: convert: unable to open image /tmp/resized.city-plus.a/download.png.10.10': No such file or directory @ error/blob.c/OpenBlob/2643. convert: WriteBlob Failed /tmp/resized.city-plus.a/download.png.10.10' @ error/png.c/MagickPNGErrorHandler/1751.

at ChildProcess. (/var/task/index.js:1:2652)
at emitTwo (events.js:106:13)
at ChildProcess.emit (events.js:191:7)
at maybeClose (internal/child_process.js:886:16)
at Process.ChildProcess._handle.onexit (internal/child_process.js:226:5)

But i can get origin picture. without params width and height

I have a bucket with images and videos.

I access the bucket with a subdomain cdn.domain.com, which calls the lambda function. Is it possible to have it ignore non image files or configure it to only run for a specific folder in the bucket?

Thanks.

Hi,

I got error 500 upon calling myapiurl/<image_path>?width=100&height=100

upon looking on the cloudwatch logs, it says
Command failed: convert: unable to open image ...... @ error/blob.c/OpenBlob/2643.

at ChildProcess.<anonymous> (/var/task/index.js:1:2652)
at emitTwo (events.js:106:13)
at ChildProcess.emit (events.js:191:7)
at maybeClose (internal/child_process.js:886:16)
at Socket.<anonymous> (internal/child_process.js:342:11)
at emitOne (events.js:96:13)
at Socket.emit (events.js:188:7)
at Pipe._handle.close [as _onclose] (net.js:497:12)

but when I call myapiurl/<image_path>, I successfully get the original image.

What I want to get is to resize my s3 images upon calling the API with parameters.

Hope to hear some feedback.

Thanks

Could you get this to store the images in another bucket (or even the same bucket) so it wouldn't have to rebuild/cache them?

AWS Lambda: Node.js 8.10 is EOL, please migration your functions to a newer runtime version

any suggestions for migration?

Hello,
I installed your app using serverless repo on AWS, it works lovely thanks for it!
I would like to use cloudfront cache capability but unfortunately it seems that your app does not forward headers.
As you can see on these examples :
Cache-Control is passed : https://tridea-cdn.s3.eu-west-3.amazonaws.com/favicon.ico
Cache-Control isn't passed : https://5xh7ydv0n6.execute-api.eu-west-3.amazonaws.com/production/favicon.ico

Could you please update your code to handle it?
Or if the error comes from my side could you help please :)