Log message #4184355

# At Username Text
# Apr 24th 2019, 14:46 this.impetus well I gather that's why thumber uses its own routes; the URL doesn't point to the file directly, a string is generated by the plugin that presumably is translated to the actual filename
# Apr 24th 2019, 14:46 neon1024 Generating thumbnails is actually very easy with something like Intervention Image
# Apr 24th 2019, 14:46 neon1024 Same issue which Glide solved with request side auth
# Apr 24th 2019, 14:45 neon1024 Also, if that url is not secured your server is now open to DDoS attacks by someone hammering that url for different thumbnails
# Apr 24th 2019, 14:45 this.impetus Left out a key detail; when the plugin generates an img element, however, nothing is displayed
# Apr 24th 2019, 14:44 slackebot help me debug the problem on cake's terms
# Apr 24th 2019, 14:44 this.impetus morning cake wizards. I'm using a plugin that's supposed to generate thumbnails for images. It uses its own routes to point a generated URL to said thumbnail. If I plug the generated URL into my browser, it redirects to the thumbnail (after a fashion; it's not loading as an image but rather trying to read the file in as a document). I don't expect anyone to be familiar with the ins and outs of the Thumber plugin but perhaps someone can
# Apr 24th 2019, 14:35 charolastra i've uncommented the ->registerMiddleware('csrf',..) for the whole / scope but still get that InvalidCsrfTokenException
# Apr 24th 2019, 14:32 neon1024 So you wouldn’t enable the middleware in your `/api` prefix for example
# Apr 24th 2019, 14:32 neon1024 So I guess you manage it with routing
# Apr 24th 2019, 14:32 neon1024 :man-shrugging:
# Apr 24th 2019, 14:32 neon1024 > Stateless requests, for e.g. when developing an API, are not affected by CSRF so the middleware does not need to be applied for those URLs.
# Apr 24th 2019, 14:31 neon1024 Perhaps the details are in the documentation?
# Apr 24th 2019, 14:31 neon1024 https://book.cakephp.org/3.0/en/controllers/middleware.html#csrf-middleware
# Apr 24th 2019, 14:30 neon1024 You could with the component at least, and I bet the middleware has a similar thing
# Apr 24th 2019, 14:30 neon1024 You can disable it for certain controller actions if I recall
# Apr 24th 2019, 14:21 charolastra i'm trying to POST a JSON. basicly missusing it for a non-web based API where clients just push data
# Apr 24th 2019, 14:18 kaio.schmitt :,(:+1::skin-tone-2:
# Apr 24th 2019, 14:17 Martin` also i commented it out, I don't see a csrf cookie
# Apr 24th 2019, 14:17 Martin` oh yes, I believe it was already there? because I see it in my app too
# Apr 24th 2019, 14:13 charolastra saw that mentioned in previous versions. just found it in routes.php but removing it still shows "Missing CSRF token cookie"
# Apr 24th 2019, 14:11 Martin` not loaded in application.php ?
# Apr 24th 2019, 14:09 charolastra so since 3.7 the CSRF middleware is built in and not even loaded in Application.php? can it be disabled?
# Apr 24th 2019, 14:01 kaio.schmitt and instead of articles and comments I have the orders table and using several contains .. when I use this method of subquery it only does the select of the columns of orders and does not bring the rest and still of the error
# Apr 24th 2019, 13:59 slackebot <kaio.schmitt>
# Apr 24th 2019, 13:38 kaio.schmitt Good morning guys, I'm having a problem using UnionAll and then trying to do a paginate .. I tried to use it in sub query format but I did not succeed I think by the way I use several contains, can someone give me a light?
# Apr 24th 2019, 13:33 neon1024 Still not sure why the library needs that to encrypt a field
# Apr 24th 2019, 13:28 neon1024 Shame, I liked the EncryptedStringType
# Apr 24th 2019, 13:28 neon1024 Guess I’ll use an entity mutator method
# Apr 24th 2019, 13:11 asdfgh ok
# Apr 24th 2019, 12:49 neon1024 @asdfgh Yes, it should do
# Apr 24th 2019, 12:49 neon1024 @admad Oh yeah, I’ve done all that already, this is a library I’m implementing into my table class, but perhaps I can pass data through from the table schema method :slightly_smiling_face:
# Apr 24th 2019, 12:28 asdfgh neon1024 is working your proffer plugin with the last 3.7 ?
# Apr 24th 2019, 12:23 narendravaghela @neon1024 Yes, I just need it temporary. Command will run as a shell on actual server.
# Apr 24th 2019, 12:08 admad @neon1024 you are supposed to just registry the new type class using `Type::map()` and then specify the type for required table using table schema in `Table::_initializeSchema()`
# Apr 24th 2019, 11:53 charolastra what happened to the baking from table definitions in the tutorials?
# Apr 24th 2019, 11:45 neon1024 As Type classes don’t know the table or field
# Apr 24th 2019, 11:45 slackebot <neon1024>
# Apr 24th 2019, 11:44 neon1024 `public function __construct( CipherSweet $engine, $tableName = ‘’, $fieldName = ‘’, $useTypedIndexes = false ) `
# Apr 24th 2019, 11:44 neon1024 This is problematic
# Apr 24th 2019, 11:44 neon1024 So I’m trying to implement https://github.com/paragonie/ciphersweet/tree/master/docs into a custom data type class