1. There are no errors in apache2 error.log
2. post_max_size=8M, upload_max_filesize=2M, memory_limit=128M (all are default)
I tried uploading images of 2K, 26K and 1.1M. 2K and 26K files upload created an entry in qa_blobs table. 1.1M upload failed with a response that max file size allowed is 1M.
3. With the above setting, uploading a 1K image file fails. Copy-pasting the same image works.
4. Yes! Thats exactly how it looks:
<script>window.parent.CKEDITOR.tools.callFunction(0, 'http:\/\/www.yoursite.com\/?qa=blob&qa_blobid=2768752912040693139', '');</script>
I can then open a new tab in the browser and access the image with the same link and it works too.
5. Did you mean replace qa-wysiwyg-upload.php? I replaced only qa-wysiwyg-upload.php with the file you mentioned and also modified the qa-wysiwyg-editor.php as you suggested. The result was the same.
- No errors in apache2 error.log.
- Access log shows the POST request.
- I used tshark to capture the response and I see the response same as above:
<script>window.parent.CKEDITOR.tools.callFunction(0, 'http:\/\/www.yoursite.com\/?qa=blob&qa_blobid=17850641872237821965', '');</script>
- 1.1M file upload failed with: <script>window.parent.CKEDITOR.tools.callFunction(0, '', 'Maximum upload size is 1.0MB');</script>
Since the entries are being made in qa_blobs table, I think the upload is going through fine. And I do see the http response for the same. And I can access the image directly after that. Its just that the upload window does not pick up the link.
I have Userinfo plugin. I disabled the plugin but the result was the same.
I have enabled some options in Apache server. Not sure if they can cause any issues. Here is the response and additional headers:
HTTP/1.1 200 OK\r\n
[Expert Info (Chat/Sequence): HTTP/1.1 200 OK\r\n]
[HTTP/1.1 200 OK\r\n]
[Severity level: Chat]
Response Version: HTTP/1.1
Status Code: 200
[Status Code Description: OK]
Response Phrase: OK
Date: Tue, 07 Sep 2021 12:49:37 GMT\r\n
Strict-Transport-Security: max-age=2592000; includeSubDomains\r\n
Expires: Thu, 19 Nov 1981 08:52:00 GMT\r\n
Cache-Control: no-store, no-cache, must-revalidate\r\n
Content-Security-Policy: frame-ancestors 'none';\r\n
X-XSS-Protection: 1; mode=block\r\n
[Content length: 148]
Keep-Alive: timeout=5, max=100\r\n
Content-Type: text/html; charset=UTF-8\r\n
[HTTP response 1/1]
[Time since request: 0.068028605 seconds]
[Request in frame: 7]
[Request URI: http://www.yourserver.com/wysiwyg-editor-upload?qa_only_image=1&CKEditor=a_content&CKEditorFuncNum=0&langCode=en
Content-encoded entity body (gzip): 148 bytes -> 136 bytes
File Data: 136 bytes
Line-based text data: text/html (1 lines)
<script>window.parent.CKEDITOR.tools.callFunction(0, 'http:\/\/www.yourserver.com\/?qa=blob&qa_blobid=273528782264378881', '');</script>