Image rendering and resizing daemon
Closed, ResolvedPublic
Actions

Assigned To

None

Authored By

	• brion
	Feb 4 2006, 3:15 AM

Description

We've kicked this idea around for some time but haven't yet implemented it.
It would be great to have a nice little daemon for doing image resizes safely:

No more ImageMagick shell-character-exploit or buffer-overflow scares
Reduce and unify library and subprogram dependencies for application servers

(vs varying versions of ImageMagick, librsvg, libart/cairo, freetype, etc)

Integrate a nice SVG renderer like Batik
Potential to isolate CPU and memory usage by running on separate boxes

Requirements:

downscale PNG -> PNG
downscale JPEG -> JPEG
downscale GIF -> GIF
rasterize SVG -> PNG
The SVG renderer must be used in a restricted mode: a SVG must not be able to

include resources loadeded from disk or the network, as this could be a security
vulnerability.

Any alpha-transparent PNGs must set the background color chunk to white

to avoid weird unexpected colors in old versions of IE.

Application servers should be able to communicate with the daemon by a

standard, easy to integrate protocol such as HTTP. A simple REST interface
is preferred over XML-RPC or SOAP.

If in Java, should be possible to compile with Eclipse compiler and run

with GNU Classpath and an open-source VM, even if we use another VM in
production for performance preferences.

I'd like to see also:

Better control over output format (grayscale staying grayscale, avoiding

wasted bandwidth etc)

If possible, 'safe' memory usage for resizes of large PNGs as well as JPEGs.

Loading a 10kx10k pixel bitmap into memory to make a 100x100 thumbnail doesn't always end well.

Other file formats welcome.

There are two main possibilities for data transfer:

POST an upload of the source file, and receive the data back. MediaWiki

will deal with reading the file from disk and saving the thumbnail back.

Send and receive pathnames (or partial pathnames). Daemon will handle

disk access, and simply return a file references.

The path references are likely more efficient, but may require sanitizing
for safety.

Version: unspecified
Severity: normal

Details

Reference: bz4854

Revisions and Commits

rARC Arcanist
	rARCdd514e268b2c Modify the `lint-test` file format to allow for more powerful assertions

Event Timeline

• bzimport raised the priority of this task from to Low.Nov 21 2014, 9:05 PM

• bzimport added a project: MediaWiki-extension-requests.

• bzimport set Reference to bz4854.

• bzimport added a subscriber: Unknown Object (MLST).

• brion created this task.Feb 4 2006, 3:15 AM

mdale wrote:

some comments posted here: http://lists.wikimedia.org/pipermail/wikitech-l/2009-April/042693.html

sumanah wrote:

Zhe Wu wrote code to solve this problem for a 2009 GSoC project.

Zhe's status email: http://lists.wikimedia.org/pipermail/wikitech-l/2009-August/044586.html

Zhe's code: https://github.com/wuzhe/imgserve

Install instructions: http://pypi.python.org/pypi/imgserve

Created attachment 14118
python code

The repo was deleted from GitHub but is still available on pypi (190 downloads last month): attaching the package here in case it disappears there too.

Attached:

imgserve-0.2.tar.gz992 KBDownload

Created attachment 14119
egg package

Attached:

imgserve-0.2-py2.5.egg239 KBDownload

Meno25 unsubscribed.Jan 17 2017, 4:23 PM

Harej moved this task from Incoming to Confirmed Extension Requests on the MediaWiki-extension-requests board.Feb 1 2018, 8:07 PM

Is this territory covered by thumbor?

Restricted Repository Identity closed this task as Resolved by committing rARCdd514e268b2c: Modify the `lint-test` file format to allow for more powerful assertions.Oct 9 2019, 11:45 PM

Restricted Repository Identity added a commit: rARCdd514e268b2c: Modify the `lint-test` file format to allow for more powerful assertions.