More secure private attachments - GA #54551
Replies: 24 comments 80 replies
- Do you have plans to introduce the feature to internal repositories in the future?
- Hi! Sorry, are there any plans to return signed links via the API? There are a lot of scripts/actions that expect accessible URLs of images and other attachments, and currently all of them are broken since unsigned links are being returned via the API and in event payloads in Actions 😢 As I see it, right now the only way to get a signed link via the API is to use the GraphQL API and the bodyHTML field, but it's not very convenient... Maybe it makes sense to give the ability to pass some header/param (e.g. Thanks.
- Is there a way to disable it for certain repositories?
- Looks like the links in notifications from the official Slack integration are broken. I'm not a Teams user, but I'm guessing the official Teams integration might have the same issue. It'd be nice if they could work as well as they do in email notifications! Plus, it used to be that images in the messages were displayed as previews, which was pretty handy. I'd be happy if we could keep that feature.
- Hey, first, we would like to express our gratitude for the effort you have put into introducing new features and improving the security of GitHub 🙌🏻 You are awesome guys. We have a GitHub Action that, upon merging a PR, extracts the PR's description (including text and images), parses it, and posts it to an internal Slack channel. Due to the introduction of secure private attachments, our current logic has been disrupted 😭. Could you suggest a best practice or provide guidance on how we can create a preview of a PR description for an external system? Thank you. Edit - we did try to add the links manually but they were changed to
- Hi. I'm a browser user and am logged in to my account. For several years I have been collaborating with another user that has a private repository. We often drag-drop images into issues on that user's private repository. Those images have handily showed up as thumbnails when I view an issue, and they still do. However, when I click on the image to display it at full resolution I'm taken to a Obviously something is amiss if I'm able to drop images and see a thumbnail but not the full-resolution image (unfortunately the full-resolution image is sometimes required). I do have full privs on the repo. Is there a new setting my collaborator needs to change to ensure I can view the full-resolution images? Follow-up: however, I do notice that if I edit an issue and extract the image URL from there, it links to the full-res image, which I can dereference. So, I suppose I have a workaround for now.
- This change is honestly a bummer – it was a really convenient perk of using GitHub to be able to share PR media with non-engineer coworkers who don't have a GitHub account by just sharing a link. And it's honestly hard to imagine a realistic threat model where link privacy/security-through-obscurity was insufficient for this kind of content. Yes, technically a change like this makes the Secure-ness thermometer on the wall go up by a point, but at what cost (and opportunity cost)?
- @tuves this is a disappointing breaking change for tools which display GitHub markdown content. Is there a way to generate a "signed" version of one of these new asset URLs without parsing the markdown and making an API request for each one like this comment suggests?
- Thanks @tuves, this is clearly an improvement security-wise. Are you planning a way to audit the already uploaded images as discussed here? We really need a way to remove unintended uploads of images containing sensitive information from your servers.
- Hi 👋 We're encountering an issue where images are intermittently (~75% of the time) not showing in our wiki when they have the subdomain private-user-images.githubusercontent.com. The issue appears to be that the JWT has expired (sometimes by a few minutes and sometimes by 1 hour+). I initially presumed this was a local browser caching issue; however, I have turned the browser cache off and the issue remains. This happens on initial page load, so it is different from the issue reported by orthopteroid earlier. Browsers tried are: Arc, Chrome, Chrome Mobile.
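The workflow the comments above describe, pulling a comment's bodyHTML from the GraphQL API and then checking whether the token on each private-user-images.githubusercontent.com link has already expired, as an added Python example that is not from this thread or from GitHub. It assumes the signed link carries the token in a `jwt` query parameter, reads only the `exp` claim (GitHub's signature cannot be verified locally), and runs over constructed sample HTML and constructed tokens rather than real assets.

```python
import base64
import json
import re
from datetime import datetime, timezone
from urllib.parse import parse_qs, urlparse

PRIVATE_HOST = "private-user-images.githubusercontent.com"
IMG_SRC = re.compile(r'<img\b[^>]*\bsrc="([^"]+)"')


def private_image_urls(body_html):
    """Return the src of every <img> in body_html served from the private host."""
    return [u for u in IMG_SRC.findall(body_html) if urlparse(u).hostname == PRIVATE_HOST]


def jwt_expiry(url):
    """Return the exp claim of the URL's jwt parameter as a UTC datetime, or None.
    Only the payload is read; the signature is GitHub's and is not verified here."""
    token = parse_qs(urlparse(url).query).get("jwt", [None])[0]
    if not token or token.count(".") != 2:
        return None
    payload = token.split(".")[1]
    payload += "=" * (-len(payload) % 4)  # restore stripped base64url padding
    claims = json.loads(base64.urlsafe_b64decode(payload))
    return datetime.fromtimestamp(int(claims["exp"]), tz=timezone.utc)


def check_attachments(body_html, now):
    """Report each private attachment with its expiry and whether it is already stale."""
    report = []
    for url in private_image_urls(body_html):
        exp = jwt_expiry(url)
        report.append({"url": url, "exp": exp, "expired": exp is None or exp <= now})
    return report


# Constructed sample data (not real GitHub assets or tokens): one token expired an
# hour ago, one still valid for five minutes, and one public image that is skipped.
def _token(exp):
    b64 = lambda d: base64.urlsafe_b64encode(json.dumps(d).encode()).rstrip(b"=").decode()
    return f"{b64({'alg': 'HS256', 'typ': 'JWT'})}.{b64({'exp': exp})}.constructedsig"


NOW = datetime(2023, 11, 20, 12, 0, tzinfo=timezone.utc)
SAMPLE_HTML = (
    f'<img src="https://{PRIVATE_HOST}/1/old.png?jwt={_token(int(NOW.timestamp()) - 3600)}">'
    f'<img src="https://{PRIVATE_HOST}/1/new.png?jwt={_token(int(NOW.timestamp()) + 300)}">'
    '<img src="https://user-images.githubusercontent.com/1/public.png">'
)
```

A script that republishes comment bodies elsewhere can run `check_attachments` on the fetched bodyHTML and re-query the API for any entry marked expired instead of shipping a dead link.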
- Is there a way to get image content from a script if your organisation has SSO enabled? We are facing the same issues as everyone else when trying to publish markdown from a repo. Tried the strategy in this comment but got back a 200 response with an SSO login page rather than a redirect.
- @tuves thanks for the improvements! In the context of assets uploaded in a private repository, with a paid organization, is there any retention period on the assets? In which circumstances may the assets be deleted by GitHub? What are the storage limits (not individual assets, but total)? What happens when the repository is moved or deleted (assuming the asset was uploaded in one of the comments)? What if the user that uploaded the asset is removed from the organization, does that affect anything? Thank you in advance!
- @tuves Where exactly is this applicable? I think I am still seeing the old behavior. What am I missing?
- @tuves Having run into this change when using the Wiki functionality, it's certainly helpful, but when trying to use a local clone of the wiki, these new secure links also don't let us view the cloned wiki repo with the images involved. Everything loads without the images or any way to get them all. While the security aspects are great, for something discrete and in a specific repo (like the Wikis), is there a chance to migrate to those images/attachments being stored in that repo vs externally in a way that's quite difficult to access?
- I am not sure this is the right topic, but since about mid-November, all email notifications for my PUBLIC repository (https://github.com/ocornut/imgui) and its issue tracker have had their images removed and replaced by "(view on web)" links, making e-mail notifications practically useless now. I am struggling to find any reference about this issue elsewhere.
- +1
- GitHub comments abused to push malware via Microsoft repo URLs
- 💬 Your Product Feedback Has Been Submitted 🎉 Thank you for taking the time to share your insights with us! Your feedback is invaluable as we build a better GitHub experience for all our users. Here's what you can expect moving forward ⏩
  Where to look to see what's shipping 👀
  What you can do in the meantime 💻
  As a member of the GitHub community, your participation is essential. While we can't promise that every suggestion will be implemented, we want to emphasize that your feedback is instrumental in guiding our decisions and priorities. Thank you once again for your contribution to making GitHub even better! We're grateful for your ongoing support and collaboration in shaping the future of our platform. ⭐
- This tends to cause cache taint and explosion: As in: Which should cause significant burden for both user and server: unnecessary bandwidth waste. See also: https://github.com/orgs/community/discussions/54551#discussioncomment-5903362
  ---- [ JMBurley @ CE 2023-11-10 01:07:49 UTC: There are many summary charts, that are in-and-of-themselves a severe breach of data confidentiality. The change has its annoyances, but allowing secure info to be trivially made insecure: That said, allowing repo admins to choose the security model of attached images would be very welcome. ]
  Refer: https://github.com/MasterInQuestion/talk/discussions/8#discussioncomment-7609546
- Retiring this post as it is over 6 months old. If you have any questions, consider starting a new post.
- Previously, all attached (drag-and-dropped) images and videos on GitHub Issues, Pull Requests, Discussions, and wikis were available to view without authentication if you knew their direct URL.
  Now, future attachments associated with private repositories can only be viewed after logging in.
  This doesn't apply retroactively to existing attachments, which are obfuscated by having a long, unguessable URL.
  Email notifications sent from private repositories will no longer display images; each image is replaced by a link to view it on the web.
  Content inside a Git repository is not affected by this change and has always required authentication for private repositories.
  Learn more about attaching files.