-
-
Notifications
You must be signed in to change notification settings - Fork 4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[stable22] Disable HEIC image preview provider for performance concerns #28079
Conversation
Signed-off-by: tobiasKaminsky <tobias@kaminsky.me>
Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
Because it was dissabled by default in the server nextcloud/server#28079 Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
Because it was dissabled by default in the server nextcloud/server#28079 Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
Because it was dissabled by default in the server nextcloud/server#28079 Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
Because it was dissabled by default in the server nextcloud/server#28079 Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
Because it was dissabled by default in the server nextcloud/server#28079 Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
Because it was dissabled by default in the server nextcloud/server#28079 Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
What kind of problems was it causing? |
I'm also interested if this can be enabled in the config, my installation is for our local household only and not available through the internet. So security aside I'd like for us to have this functionality. |
Enable it again, please! |
Hi, please refer to our documentation how to enable preview provider. HEIC provider is still there but disabled by default for privacy reasons: https://docs.nextcloud.com/server/latest/admin_manual/configuration_server/config_sample_php_parameters.html#previews |
Thanks for reply! I'm interested now what does it mean specifically? Something regarding GDPR? So not only performance issue? |
I would also like to know what the specific performance/ privacy concerns are; and if they apply to my use case |
I've installed plugin https://apps.nextcloud.com/apps/camerarawpreviews and I'm happy now. |
Interesting. While the technical information would still need to be translated to "normal" users/admins. So what is the worst that could happen and how likely is that? Does an attacker need access or is it "only" an issue for users able to upload content? If I got this right the decision was to just disable HEIC image preview generation by default, which is a rather quick workaround. But what next to that? |
Hello! I would also like to see HEIC preview to work. Could it be possible to fix vulnerability instead of just disabling? |
backport of #28077