Carrierwave gem 安全文件路径无法读取文件错误

【问题标题】:Carrierwave gem Secure File Path Cannot read file errorCarrierwave gem 安全文件路径无法读取文件错误
【发布时间】:2014-12-17 02:21:16
【问题描述】:

我尝试在载波中遵循“安全上传”,这有点令人困惑,因为我已经自定义了文件路径等等。当我尝试运行应用程序时,出现“无法读取文件”错误。

路线如下:

match "/uploads/tobereviewed/:user.:username.downcase/:basename.:extension", :controller => "photos", :action => "uploaded", via: :get

上传者的 sotre_dir :

class SubmitUploader < CarrierWave::Uploader::Base

def store_dir
  "uploads/tobereviewed/#{model.user.username.downcase}"
end

carrierwave.rb 初始化器:

    CarrierWave.configure do |config|
      config.permissions = 0600
      config.directory_permissions = 0700
      config.root = Rails.root
    end

照片控制器:

    def uploaded

        file = Submit.first

        send_file "#{Rails.root}/uploads/tobereviewed/#{file.user.username.downcase}/#{file.id}"
    end

完整的错误日志:

Started GET "/uploaded" for 127.0.0.1 at 2014-11-27 18:19:09 +0530
Processing by PhotosController#uploaded as HTML
  User Load (0.4ms)  SELECT  "users".* FROM "users" WHERE "users"."id" = $1  ORDER BY "users"."id" ASC LIMIT 1  [["id", 1]]
  Submit Load (2.6ms)  SELECT  "submits".* FROM "submits"  ORDER BY "submits"."id" ASC LIMIT 1
  User Load (2.2ms)  SELECT  "users".* FROM "users" WHERE "users"."id" = $1 LIMIT 1  [["id", 1]]
Sent file /home/pubudu/Projects/istockseller/uploads/tobereviewed/thpubs/36603935 (0.7ms)
Completed 500 Internal Server Error in 54ms

ActionController::MissingFile - Cannot read file /home/pubudu/Projects/istockseller/uploads/tobereviewed/thpubs/36603935:
  actionpack (4.2.0.beta4) lib/action_controller/metal/data_streaming.rb:68:in `send_file'
  actionpack (4.2.0.beta4) lib/action_controller/metal/instrumentation.rb:49:in `block in send_file'
  activesupport (4.2.0.beta4) lib/active_support/notifications.rb:164:in `block in instrument'
  activesupport (4.2.0.beta4) lib/active_support/notifications/instrumenter.rb:20:in `instrument'
  activesupport (4.2.0.beta4) lib/active_support/notifications.rb:164:in `instrument'
  actionpack (4.2.0.beta4) lib/action_controller/metal/instrumentation.rb:47:in `send_file'
   () home/pubudu/Projects/istockseller/app/controllers/photos_controller.rb:24:in `uploaded'
  actionpack (4.2.0.beta4) lib/action_controller/metal/implicit_render.rb:4:in `send_action'
  actionpack (4.2.0.beta4) lib/abstract_controller/base.rb:198:in `process_action'
  actionpack (4.2.0.beta4) lib/action_controller/metal/rendering.rb:10:in `process_action'
  actionpack (4.2.0.beta4) lib/abstract_controller/callbacks.rb:20:in `block in process_action'
  activesupport (4.2.0.beta4) lib/active_support/callbacks.rb:117:in `call'
  activesupport (4.2.0.beta4) lib/active_support/callbacks.rb:169:in `block in halting'
  activesupport (4.2.0.beta4) lib/active_support/callbacks.rb:151:in `block in halting_and_conditional'
  activesupport (4.2.0.beta4) lib/active_support/callbacks.rb:234:in `block in halting'
  activesupport (4.2.0.beta4) lib/active_support/callbacks.rb:234:in `block in halting'
  activesupport (4.2.0.beta4) lib/active_support/callbacks.rb:169:in `block in halting'
  activesupport (4.2.0.beta4) lib/active_support/callbacks.rb:92:in `_run_callbacks'
  activesupport (4.2.0.beta4) lib/active_support/callbacks.rb:734:in `_run_process_action_callbacks'
  activesupport (4.2.0.beta4) lib/active_support/callbacks.rb:81:in `run_callbacks'
  actionpack (4.2.0.beta4) lib/abstract_controller/callbacks.rb:19:in `process_action'
  actionpack (4.2.0.beta4) lib/action_controller/metal/rescue.rb:29:in `process_action'
  actionpack (4.2.0.beta4) lib/action_controller/metal/instrumentation.rb:31:in `block in process_action'
  activesupport (4.2.0.beta4) lib/active_support/notifications.rb:164:in `block in instrument'
  activesupport (4.2.0.beta4) lib/active_support/notifications/instrumenter.rb:20:in `instrument'
  activesupport (4.2.0.beta4) lib/active_support/notifications.rb:164:in `instrument'
  actionpack (4.2.0.beta4) lib/action_controller/metal/instrumentation.rb:30:in `process_action'
  actionpack (4.2.0.beta4) lib/action_controller/metal/params_wrapper.rb:250:in `process_action'
  activerecord (4.2.0.beta4) lib/active_record/railties/controller_runtime.rb:18:in `process_action'
  actionpack (4.2.0.beta4) lib/abstract_controller/base.rb:137:in `process'
  actionview (4.2.0.beta4) lib/action_view/rendering.rb:30:in `process'
  actionpack (4.2.0.beta4) lib/action_controller/metal.rb:195:in `dispatch'
  actionpack (4.2.0.beta4) lib/action_controller/metal/rack_delegation.rb:13:in `dispatch'
  actionpack (4.2.0.beta4) lib/action_controller/metal.rb:236:in `block in action'
  actionpack (4.2.0.beta4) lib/action_dispatch/routing/route_set.rb:73:in `dispatch'
  actionpack (4.2.0.beta4) lib/action_dispatch/routing/route_set.rb:42:in `serve'
  actionpack (4.2.0.beta4) lib/action_dispatch/journey/router.rb:43:in `block in serve'
  actionpack (4.2.0.beta4) lib/action_dispatch/journey/router.rb:30:in `serve'
  actionpack (4.2.0.beta4) lib/action_dispatch/routing/route_set.rb:780:in `call'
  omniauth (1.2.2) lib/omniauth/strategy.rb:186:in `call!'
  omniauth (1.2.2) lib/omniauth/strategy.rb:164:in `call'
  omniauth (1.2.2) lib/omniauth/strategy.rb:186:in `call!'
  omniauth (1.2.2) lib/omniauth/strategy.rb:164:in `call'
  warden (1.2.3) lib/warden/manager.rb:35:in `block in call'
  warden (1.2.3) lib/warden/manager.rb:34:in `call'
  rack (1.6.0.beta) lib/rack/etag.rb:23:in `call'
  rack (1.6.0.beta) lib/rack/conditionalget.rb:25:in `call'
  rack (1.6.0.beta) lib/rack/head.rb:13:in `call'
  actionpack (4.2.0.beta4) lib/action_dispatch/middleware/params_parser.rb:27:in `call'
  actionpack (4.2.0.beta4) lib/action_dispatch/middleware/flash.rb:257:in `call'
  rack (1.6.0.beta) lib/rack/session/abstract/id.rb:225:in `context'
  rack (1.6.0.beta) lib/rack/session/abstract/id.rb:220:in `call'
  actionpack (4.2.0.beta4) lib/action_dispatch/middleware/cookies.rb:558:in `call'
  activerecord (4.2.0.beta4) lib/active_record/query_cache.rb:36:in `call'
  activerecord (4.2.0.beta4) lib/active_record/connection_adapters/abstract/connection_pool.rb:647:in `call'
  activerecord (4.2.0.beta4) lib/active_record/migration.rb:378:in `call'
  actionpack (4.2.0.beta4) lib/action_dispatch/middleware/callbacks.rb:29:in `block in call'
  activesupport (4.2.0.beta4) lib/active_support/callbacks.rb:88:in `_run_callbacks'
  activesupport (4.2.0.beta4) lib/active_support/callbacks.rb:734:in `_run_call_callbacks'
  activesupport (4.2.0.beta4) lib/active_support/callbacks.rb:81:in `run_callbacks'
  actionpack (4.2.0.beta4) lib/action_dispatch/middleware/callbacks.rb:27:in `call'
  actionpack (4.2.0.beta4) lib/action_dispatch/middleware/reloader.rb:73:in `call'
  actionpack (4.2.0.beta4) lib/action_dispatch/middleware/remote_ip.rb:78:in `call'
  better_errors (1.1.0) lib/better_errors/middleware.rb:84:in `protected_app_call'
  better_errors (1.1.0) lib/better_errors/middleware.rb:79:in `better_errors_call'
  better_errors (1.1.0) lib/better_errors/middleware.rb:56:in `call'
  web-console (2.0.0.beta4) lib/action_dispatch/debug_exceptions.rb:18:in `middleware_call'
  web-console (2.0.0.beta4) lib/action_dispatch/debug_exceptions.rb:13:in `call'
  actionpack (4.2.0.beta4) lib/action_dispatch/middleware/show_exceptions.rb:30:in `call'
  railties (4.2.0.beta4) lib/rails/rack/logger.rb:38:in `call_app'
  railties (4.2.0.beta4) lib/rails/rack/logger.rb:20:in `block in call'
  activesupport (4.2.0.beta4) lib/active_support/tagged_logging.rb:68:in `block in tagged'
  activesupport (4.2.0.beta4) lib/active_support/tagged_logging.rb:26:in `tagged'
  activesupport (4.2.0.beta4) lib/active_support/tagged_logging.rb:68:in `tagged'
  railties (4.2.0.beta4) lib/rails/rack/logger.rb:20:in `call'
  actionpack (4.2.0.beta4) lib/action_dispatch/middleware/request_id.rb:21:in `call'
  rack (1.6.0.beta) lib/rack/methodoverride.rb:22:in `call'
  rack (1.6.0.beta) lib/rack/runtime.rb:17:in `call'
  activesupport (4.2.0.beta4) lib/active_support/cache/strategy/local_cache_middleware.rb:28:in `call'
  rack (1.6.0.beta) lib/rack/lock.rb:17:in `call'
  actionpack (4.2.0.beta4) lib/action_dispatch/middleware/static.rb:113:in `call'
  rack (1.6.0.beta) lib/rack/sendfile.rb:113:in `call'
  railties (4.2.0.beta4) lib/rails/engine.rb:514:in `call'
  railties (4.2.0.beta4) lib/rails/application.rb:161:in `call'
  rack (1.6.0.beta) lib/rack/tempfile_reaper.rb:15:in `call'
  rack (1.6.0.beta) lib/rack/lint.rb:49:in `_call'
  rack (1.6.0.beta) lib/rack/lint.rb:37:in `call'
  rack (1.6.0.beta) lib/rack/showexceptions.rb:24:in `call'
  rack (1.6.0.beta) lib/rack/commonlogger.rb:33:in `call'
  rack (1.6.0.beta) lib/rack/chunked.rb:54:in `call'
  rack (1.6.0.beta) lib/rack/content_length.rb:15:in `call'
  rack (1.6.0.beta) lib/rack/handler/webrick.rb:89:in `service'
   () home/pubudu/.rvm/rubies/ruby-2.1.5/lib/ruby/2.1.0/webrick/httpserver.rb:138:in `service'
   () home/pubudu/.rvm/rubies/ruby-2.1.5/lib/ruby/2.1.0/webrick/httpserver.rb:94:in `run'
   () home/pubudu/.rvm/rubies/ruby-2.1.5/lib/ruby/2.1.0/webrick/server.rb:295:in `block in start_thread'

127.0.0.1 - - [27/Nov/2014:18:19:09 +0530] "GET /uploaded HTTP/1.1" 500 - 0.0743

更新:

我这样设置正确的文件路径:

send_file "#{file.filename.file}"

然后它给出了这个错误:

Cannot read file #<CarrierWave::SanitizedFile:0x007f570c2b9e58>

我的路线正确吗?

【问题讨论】:

  • 您在开发或生产时遇到错误吗?
  • @SimoneCarletti 正在开发中。尚未在生产中尝试过
  • 你能发布更多关于错误的信息吗?检查您的 production.log 以获取更多信息。我的猜测是您在设置文件路径时出错。
  • @PhilM。刚刚发布了完整的错误日志
  • 开发中,文件/home/pubudu/Projects/istockseller/uploads/tobereviewed/thpubs/36603935是否存在?

标签: ruby-on-rails ruby-on-rails-4 carrierwave


【解决方案1】:

根据您的设置,CarrierWave 应该将您的文件保存在“/home/pubudu/Projects/istockseller/public/uploads/tobereviewed/thpubs/#{model.user.username.downcase}/somefile.ext”中

所以,理想情况下你的代码应该是

send_file "#{Rails.root}/public/#{file.image.url}"

假设您的上传列是图片。

【讨论】:

  • 不,它不会进入公用文件夹。我像这样设置了正确的文件路径: send_file "#{file.filename.file}" 但是它给出了这个错误:无法读取文件 #<:sanitizedfile:0x007f570c2b9e58>
【解决方案2】:

在控制器的操作中设置调试器。

def uploaded
  file = Submit.first

  debugger

  send_file "#{file.filename.file}"
end

现在,再次请求操作并转到调试器控制台。这里的一个提示是在调试器中打开“irb”。只需输入“irb”并回车即可。

查看 file.filename.file 返回的内容。我认为这是一个无效的路径,因此请检查该文件是否存在于您的文件系统中。然后,您可以重现下一步(send_file)并检查错误日志。

然后我建议你在你的计算机中打开 CarrierWave gem 的源代码并找出你的代码有什么问题。

在您的终端中,转到您的项目目录并运行:

bundle show carrierwave

这将打印您正在使用的载波 gem 源的路径。在你的编辑器中打开它,根据错误日志找出你的代码有什么问题!

提示

如果您提供当前的错误日志(更新后),我们可能会为您提供更好的帮助。

Cannot read file #<CarrierWave::SanitizedFile:0x007f570c2b9e58>

还不够。完整的回溯会比这“一行”代码更好(尽可能使用 pastebin)。

【讨论】:

    猜你喜欢
    • 2015-11-17
    • 2019-02-01
    • 1970-01-01
    • 2012-07-02
    • 1970-01-01
    • 2011-09-19
    • 1970-01-01
    • 1970-01-01
    • 2018-12-30
    相关资源
    最近更新 更多
    热门标签
    Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode