Add a dedicated URL for fronting file attachments downloads.

 






 

 


  Review Request #13788
  —
  Created April 25, 2024 and submitted  — Latest diff uploaded 

 


















 

  

   Information

  





 
 

  chipx86
 









 
 

  Review Board
 









 
 

  release-7.x
 









 
 

  
 









 
 

  
 






 




 

  

   Reviewers

  





 
 

  reviewboard
 









 
 

  
 






 








 





  


 
 

  
When using a file storage service that expires URLs (such as Amazon S3),

we can end up caching URLs to assets that end up expiring upon later

viewing. This has always been a problem, depending on configuration, but

is more noticeable now with S3 since we're using some modern

dependencies that seem to default to storing assets non-publicly (making

it tricker to work around otherwise).


The solution to this is to provide stable URLs for file attachments.

When accessed, these check for valid permissions to access the content

(helping avoid scanning for attachments a malicious user shouldn't have

access to) and then redirect to the file in storage.


This can also help with keeping URLs stable when moving between storage

backends.


Presently, this adds some additional overhead to the file attachment

APIs, in terms of database queries. These are known issues already, and

will be addressed separately.

 








  


 
 

  
Unit tests pass.


Manually tested both user-uploaded file attachments and review request

file attachments, making sure that the HTML contains the correct URLs

and that the content was accessible.

 







 









 





  








 




 







   

    
    
Diff Revision 1 (Latest)



    

    


    

      
Commits

      

 

 

  
   First
   Last
  
  Summary
  ID
  Author
 



 
  
   
  
  
   
  
 
 
  
   
    

     Add a dedicated URL for fronting file attachments downloads.
     
When using a file storage service that expires URLs (such as Amazon S3),
we can end up caching URLs to assets that end up expiring upon later
viewing. This has always been a problem, depending on configuration, but
is more noticeable now with S3 since we're using some modern
dependencies that seem to default to storing assets non-publicly (making
it tricker to work around otherwise).

The solution to this is to provide stable URLs for file attachments.
When accessed, these check for valid permissions to access the content
(helping avoid scanning for attachments a malicious user shouldn't have
access to) and then redirect to the file in storage.

This can also help with keeping URLs stable when moving between storage
backends.

Presently, this adds some additional overhead to the file attachment
APIs, in terms of database queries. These are known issues already, and
will be addressed separately.

    

   
  		
  b1a9a28a521dd5ac6f07cf90901c01273e306690
  Christian Hammond
 




    


    
    

   

  

 









 

  

   
    

     
      
      reviewboard/attachments/models.py
     
    

   
  

 



 

  

   
    

     
      
      reviewboard/attachments/views.py
     
    

   
  

 



 

  

   
    

     
      
      reviewboard/reviews/urls.py
     
    

   
  

 



 

  

   
    

     
      
      reviewboard/reviews/ui/image.py
     
    

   
  

 



 

  

   
    

     
      
      reviewboard/reviews/views/__init__.py
     
    

   
  

 



 

  

   
    

     
      
      reviewboard/reviews/views/attachments.py
     
    

   
  

 



 

  

   
    

     
      
      reviewboard/webapi/tests/test_file_attachment.py
     
    

   
  

 



 

  

   
    

     
      
      reviewboard/webapi/tests/test_file_attachment_draft.py
     
    

   
  

 










     

    

   

  

  

   
   Loading...