Guest
home
beatmaps
rankings
community
store
help
forum
  1. Forums
  2. osu!
  3. Help
  4. Resolved Issues

[resolved] [web] Forums cannot display images from https://a.pomf.se

posted
Total Posts
11
Score_Under
103 posts
Joined June 2009
Topic Starter
Score_Under
Problem Details:

Images don't work in private message previews. Their URL gets overwritten with a fake URL which doesn't work.

Video or screenshot showing the problem:

https://a.pomf.se/kzoece.png


edit: updated title to reflect what we now know
Last edited by Score_Under , edited 1 time in total.
VeilStar
osu! Alumni
4,773 posts
Joined April 2014
VeilStar
The URL being 'overwritten' is normal. (Though I'm not sure why this is done, it does so for any image in a forum post.) It seems like direct image links from pomf.se don't get shown correctly if used between IMG tags though, which is the issue here and has nothing to do with previewing in PMs.

Score_Under
103 posts
Joined June 2009
Topic Starter
Score_Under
Test:

URL https://a.pomf.se/eqoghu.png


URL http://a.pomf.se/eqoghu.png


So the problem is:

1. Osu MITMs images
2. And fails to connect to a.pomf.se over HTTPS
abraker
Global Moderator
8,295 posts
Joined July 2014
abraker
All test images display correctly, I still don't see the problem.
VeilStar
osu! Alumni
4,773 posts
Joined April 2014
VeilStar

abraker wrote:

All test images display correctly, I still don't see the problem.
TheVileOne
osu! Alumni
8,431 posts
Joined March 2010
TheVileOne
That link is not to a https site. It needs to use the correct header.
Score_Under
103 posts
Joined June 2009
Topic Starter
Score_Under

TheVileOne wrote:

That link is not to a https site. It needs to use the correct header.
It is:
SPOILER
$ curl -vs https://a.pomf.se/eqoghu.png | file -
*   Trying 104.28.2.56...
* Connected to a.pomf.se (104.28.2.56) port 443 (#0)
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: none
* TLSv1.2, TLS Unknown, Unknown (22):
} [5 bytes data]
* TLSv1.2, TLS handshake, Client hello (1):
} [512 bytes data]
* SSLv2, Unknown (22):
{ [5 bytes data]
* TLSv1.2, TLS handshake, Server hello (2):
{ [108 bytes data]
* SSLv2, Unknown (22):
{ [5 bytes data]
* TLSv1.2, TLS handshake, CERT (11):
{ [3701 bytes data]
* SSLv2, Unknown (22):
{ [5 bytes data]
* TLSv1.2, TLS handshake, Server key exchange (12):
{ [148 bytes data]
* SSLv2, Unknown (22):
{ [5 bytes data]
* TLSv1.2, TLS handshake, Server finished (14):
{ [4 bytes data]
* SSLv2, Unknown (22):
} [5 bytes data]
* TLSv1.2, TLS handshake, Client key exchange (16):
} [70 bytes data]
* SSLv2, Unknown (20):
} [5 bytes data]
* TLSv1.2, TLS change cipher, Client hello (1):
} [1 bytes data]
* SSLv2, Unknown (22):
} [5 bytes data]
* TLSv1.2, TLS handshake, Finished (20):
} [16 bytes data]
* SSLv2, Unknown (20):
{ [5 bytes data]
* TLSv1.2, TLS change cipher, Client hello (1):
{ [1 bytes data]
* SSLv2, Unknown (22):
{ [5 bytes data]
* TLSv1.2, TLS handshake, Finished (20):
{ [16 bytes data]
* SSL connection using TLSv1.2 / ECDHE-ECDSA-AES128-GCM-SHA256
* ALPN, server accepted to use http/1.1
* Server certificate:
* 	 subject: OU=Domain Control Validated; OU=PositiveSSL Multi-Domain; CN=sni31021.cloudflaressl.com
* 	 start date: 2015-05-13 00:00:00 GMT
* 	 expire date: 2015-09-30 23:59:59 GMT
* 	 subjectAltName: a.pomf.se matched
* 	 issuer: C=GB; ST=Greater Manchester; L=Salford; O=COMODO CA Limited; CN=COMODO ECC Domain Validation Secure Server CA 2
* 	 SSL certificate verify ok.
* SSLv2, Unknown (23):
} [5 bytes data]
> GET /eqoghu.png HTTP/1.1
> Host: a.pomf.se
> User-Agent: curl/7.42.1
> Accept: */*
> 
* SSLv2, Unknown (23):
{ [5 bytes data]
< HTTP/1.1 200 OK
< Server: cloudflare-nginx
< Date: Wed, 13 May 2015 20:47:43 GMT
< Content-Type: image/png
< Transfer-Encoding: chunked
< Connection: keep-alive
< Set-Cookie: __cfduid=d9e2c8058382d29ea4a51ca88c93244491431550063; expires=Thu, 12-May-16 20:47:43 GMT; path=/; domain=.pomf.se; HttpOnly
< Last-Modified: Sun, 03 May 2015 21:45:33 GMT
< Vary: Accept-Encoding
< ETag: W/"554696fd-526a"
< Expires: Thu, 12 May 2016 20:47:43 GMT
< Cache-Control: public, max-age=31536000
< X-Frame-Options: DENY
< CF-Cache-Status: HIT
< CF-RAY: 1e61385685280cd1-LHR
< 
{ [3549 bytes data]
* SSLv2, Unknown (23):
{ [5 bytes data]
* SSLv2, Unknown (23):
{ [5 bytes data]
* SSLv2, Unknown (23):
{ [5 bytes data]
* SSLv2, Unknown (23):
{ [5 bytes data]
* SSLv2, Unknown (23):
{ [5 bytes data]
* SSLv2, Unknown (23):
{ [5 bytes data]
* SSLv2, Unknown (23):
{ [5 bytes data]
* Connection #0 to host a.pomf.se left intact
/dev/stdin: PNG image data, 300 x 200, 8-bit/color RGB, non-interlaced
TheVileOne
osu! Alumni
8,431 posts
Joined March 2010
TheVileOne
Hmm maybe it doesn't allow https outside of the osu domain. It seems to be an issue with the lazy loading of images.
Score_Under
103 posts
Joined June 2009
Topic Starter
Score_Under
This can probably be shoved into 'invalid' since pomf.se finally collapsed from lack of funds.
VeilStar
osu! Alumni
4,773 posts
Joined April 2014
VeilStar

Score_Under wrote:

This can probably be shoved into 'invalid' since pomf.se finally collapsed from lack of funds.
RIP kawaii file hosting.
peppy
19,301 posts
Here since the beginning
peppy
This is fixed now, for what it's worth.
Please sign in to reply.

New reply

0
1 / 11