I am using ImageMagick to read images from a partner server who just changed their hosting from http:// to https:// and now the images will not get processed using:
`Magick::Image.read(image_path)` when image_path is an https path. After reading more it seems imagemagick vulnerabilities were discovered and Heroku implemented a new policy.xml file at /etc/ImageMagick/policy.xml I read a few guides and tried to create my own policy.xml file, located here: /app/.ImageMagick/policy.xml <policy domain="coder" rights="read" pattern="HTTPS" /> When I run convert -list policy I get the following output: *Path: /app/.ImageMagick/policy.xmlPolicy: Coderrights: Read pattern: HTTPS* *Path: /etc/ImageMagick/policy.xml* *...[OTHER CODERS I WANT TO LEAVE AS IS]* *...* *pattern: HTTPS * *Policy: Coderrights: None* *...* *[MORE CODERS TO LEAVE AS-IS]* *...* It looks like the /etc/ImageMagick/policy.html is overwriting my app specific policy.xml. I just want to enable HTTPS for images (read) only. This has been working for years until last week. -- -- You received this message because you are subscribed to the Google Groups "Heroku" group. To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/heroku?hl=en_US?hl=en --- You received this message because you are subscribed to the Google Groups "Heroku Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
