Nothing has changed in the last week that would have affected this. Are you sure there's no change in the app itself/
On Sat, Dec 10, 2016 at 9:28 PM Mike Johnson <[email protected]> wrote: > I am using ImageMagick to read images from a partner server who just > changed their hosting from http:// to https:// and now the images will > not get processed using: > > `Magick::Image.read(image_path)` when image_path is an https path. > > > After reading more it seems imagemagick vulnerabilities were discovered > and Heroku implemented a new policy.xml file at > /etc/ImageMagick/policy.xml > > > > I read a few guides and tried to create my own policy.xml file, located > here: /app/.ImageMagick/policy.xml > > <policy domain="coder" rights="read" pattern="HTTPS" /> > > > > When I run convert -list policy I get the following output: > > > > > > *Path: /app/.ImageMagick/policy.xmlPolicy: Coderrights: Read pattern: > HTTPS* > > > *Path: /etc/ImageMagick/policy.xml* > > > *...[OTHER CODERS I WANT TO LEAVE AS IS]* > > *...* > > *pattern: HTTPS > * > > > *Policy: Coderrights: None* > > *...* > > *[MORE CODERS TO LEAVE AS-IS]* > > *...* > > > > It looks like the /etc/ImageMagick/policy.html is overwriting my app > specific policy.xml. I just want to enable HTTPS for images (read) only. > This has been working for years until last week. > > -- > -- > You received this message because you are subscribed to the Google > Groups "Heroku" group. > > To unsubscribe from this group, send email to > [email protected] > For more options, visit this group at > http://groups.google.com/group/heroku?hl=en_US?hl=en > > --- > You received this message because you are subscribed to the Google Groups > "Heroku Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > For more options, visit https://groups.google.com/d/optout. > -- -- You received this message because you are subscribed to the Google Groups "Heroku" group. To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/heroku?hl=en_US?hl=en --- You received this message because you are subscribed to the Google Groups "Heroku Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
