aqHi opened a new issue, #291: URL: https://github.com/apache/answer-plugins/issues/291
Description: When using Alibaba Cloud OSS as the storage backend, images uploaded to a private bucket cannot be displayed properly due to access restrictions. This occurs because the bucket’s ACL is set to private by default, and images require a signed URL or public-read permissions for direct access. Possible Solutions: Set ACL to Public Read During Upload: Modify the OSS file upload logic to explicitly set the object’s ACL to public-read. This allows direct access via the object URL without authentication. Example code (OSS SDK): go // When uploading objects, add the ACL header header := oss.ACL(oss.ACLPublicRead) err = bucket.PutObject(objectKey, fileReader, header) Note: This may expose objects to public access if URLs are known. Evaluate security trade-offs. Generate Signed URLs When Loading Images: Keep the bucket private and generate temporary signed URLs with expiration time when rendering images. This ensures security while allowing access. Example code: go // Generate a signed URL with expiration (e.g., 10 minutes) signedURL, err := bucket.SignURL(objectKey, oss.HTTPGet, 600) Additional Context: If the plugin already supports these configurations, please provide documentation or examples. Clarify whether the current implementation handles OSS ACLs or URL signing automatically. Environment: Plugin Version: 1.2.11 Let me know if further details are needed! -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@answer.apache.org.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
