laravel-swoole
laravel-swoole copied to clipboard
swooletw
Static resources via symlink no longer work
Make sure you read Issues Guideline and answer these questions before submitting your issue. Thanks! (Any non-English issues will be closed immediately.)
- Please provide your PHP and Swoole version. (
php -vandphp --ri swoole)
PHP 8.0.3 (cli) (built: Mar 4 2021 05:33:14) ( NTS ) Copyright (c) The PHP Group Zend Engine v4.0.3, Copyright (c) Zend Technologies
Swoole => enabled Author => Swoole Team [email protected] Version => 4.6.4 Built => Mar 30 2021 15:39:43
- Please provide your Laravel/Lumen version.
Laravel 8.
-
Which release version of this package are you using?
-
What did you do? If possible, provide a recipe for reproducing the error. Created a Symlink in /public folder and set
SWOOLE_HANDLE_STATICto true in .env -
What did you expect to see? Expected to be able to see the static file from a symlink
-
What did you see instead? 404 Not Found
It looks like the following Merge broke the static resources served via symlink.
https://github.com/swooletw/laravel-swoole/commit/96a93e93b5a97a6aefa6b6dfa5e2b346c9fb4af9#diff-5c6e8c22956d54a6193a50ec2c2ca80a8b2be45efa15faa70a2e5f9d0f29d380
$fileName = @realpath($publicPath . $uri);
The above line in SwooleTW\Http\Transformers\Request now returns the real path of the file, and then on line 196 it compares it against public path which does not match, returns false and hence will not serve the static file.
if (substr($fileName, 0, strlen($publicPath)) != $publicPath) {
return false;
}
Hello, thanks for reporting this issue.
Well, looks it will always be false indeed
Introduced at https://github.com/swooletw/laravel-swoole/pull/462
We should find a better way to fix the lfi issue by changing this if
I think the issue is this line $fileName = @realpath($publicPath . $uri); realpath is a system call which resolves symlink to it's original value.
Maybe we could use the "finder": https://github.com/laravel/octane/pull/112/files