Not authorized for readImageBlob

Questions and postings pertaining to the development of ImageMagick, feature enhancements, and ImageMagick internals. ImageMagick source code and algorithms are discussed here. Usage questions which are too arcane for the normal user list should also be posted here.
Post Reply
djolip
Posts: 4
Joined: 2015-12-18T07:11:20-07:00
Authentication code: 1151

Not authorized for readImageBlob

Post by djolip »

Hi everybody,
i have a litte problem with my script, my code is like this:

Code: Select all

$svg ="<?xml version=\"1.0\" encoding=\"UTF-8\" standalone=\"no\"?>
<svg xmlns=\"http://www.w3.org/2000/svg\" width=\"109\" height=\"109\" viewBox=\"0 0 109 109\">
<text x=\"10\" y=\"10\" font-family=\"Lato\">Holger</text>
</svg>";
 
$im = new Imagick();
$im->readImageBlob($svg); 
but Imagemagick says not authorized for this function.
I already deleted the rows

Code: Select all

<policy domain="coder" rights="none" pattern="MVG" /> 
<policy domain="coder" rights="none" pattern="TEXT" />
in the policy.xml
What else must i change that the function above is working?
Thanks a lot in advance.
Oli
snibgo
Posts: 12159
Joined: 2010-01-23T23:01:33-07:00
Authentication code: 1151
Location: England, UK

Re: Not authorized for readImageBlob

Post by snibgo »

What else do you have in policy.xml?
snibgo's IM pages: im.snibgo.com
djolip
Posts: 4
Joined: 2015-12-18T07:11:20-07:00
Authentication code: 1151

Re: Not authorized for readImageBlob

Post by djolip »

My policy.xml looks like this:

Code: Select all

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE policymap [
<!ELEMENT policymap (policy)+>
<!ELEMENT policy (#PCDATA)>
<!ATTLIST policy domain (delegate|coder|filter|path|resource) #IMPLIED>
<!ATTLIST policy name CDATA #IMPLIED>
<!ATTLIST policy rights CDATA #IMPLIED>
<!ATTLIST policy pattern CDATA #IMPLIED>
<!ATTLIST policy value CDATA #IMPLIED>
]>
<!--
  Configure ImageMagick policies.

  Domains include system, delegate, coder, filter, path, or resource.

  Rights include none, read, write, and execute.  Use | to combine them,
  for example: "read | write" to permit read from, or write to, a path.

  Use a glob expression as a pattern.

  Suppose we do not want users to process MPEG video images:

    <policy domain="delegate" rights="none" pattern="mpeg:decode" />

  Here we do not want users reading images from HTTP:

    <policy domain="coder" rights="none" pattern="HTTP" />

  Lets prevent users from executing any image filters:

    <policy domain="filter" rights="none" pattern="*" />

  The /repository file system is restricted to read only.  We use a glob
  expression to match all paths that start with /repository:
  
    <policy domain="path" rights="read" pattern="/repository/*" />

  Any large image is cached to disk rather than memory:

    <policy domain="resource" name="area" value="1GB"/>

  Define arguments for the memory, map, area, and disk resources with
  SI prefixes (.e.g 100MB).  In addition, resource policies are maximums for
  each instance of ImageMagick (e.g. policy memory limit 1GB, -limit 2GB
  exceeds policy maximum so memory limit is 1GB).
-->
<policymap>
  <!-- <policy domain="resource" name="temporary-path" value="/tmp"/> -->
  <!-- <policy domain="resource" name="memory" value="2GiB"/> -->
  <!-- <policy domain="resource" name="map" value="4GiB"/> -->
  <!-- <policy domain="resource" name="area" value="1GB"/> -->
  <!-- <policy domain="resource" name="disk" value="16EB"/> -->
  <!-- <policy domain="resource" name="file" value="768"/> -->
  <!-- <policy domain="resource" name="thread" value="4"/> -->
  <!-- <policy domain="resource" name="throttle" value="0"/> -->
  <!-- <policy domain="resource" name="time" value="3600"/> -->
  <!-- <policy domain="system" name="precision" value="6"/> -->
  <policy domain="cache" name="shared-secret" value="passphrase"/>
  <policy domain="coder" rights="none" pattern="EPHEMERAL" />
  <policy domain="coder" rights="none" pattern="URL" />
  <policy domain="coder" rights="none" pattern="HTTPS" />
  <!-- <policy domain="coder" rights="none" pattern="MVG" /> -->
  <policy domain="coder" rights="none" pattern="MSL" />
  <!-- <policy domain="coder" rights="none" pattern="TEXT" /> -->
  <policy domain="coder" rights="none" pattern="SHOW" />
  <policy domain="coder" rights="none" pattern="WIN" />
  <policy domain="coder" rights="none" pattern="PLT" />
</policymap>
snibgo
Posts: 12159
Joined: 2010-01-23T23:01:33-07:00
Authentication code: 1151
Location: England, UK

Re: Not authorized for readImageBlob

Post by snibgo »

I don't know the answer. I suggest you gradually remove all restrictions until you find it.
snibgo's IM pages: im.snibgo.com
djolip
Posts: 4
Joined: 2015-12-18T07:11:20-07:00
Authentication code: 1151

Re: Not authorized for readImageBlob

Post by djolip »

Ok, thank you will try this.
I already wrote to the poster to remove line for line and then test it.
Thanks
Oli
Post Reply