Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
StaticFiles middleware doesn't follow symlinks
See original GitHub issueChecklist
- The bug is reproducible against the latest release and/or
master. - There are no similar issues or pull requests to fix it yet.
Describe the bug
The StaticFiles middleware is checking the os.realpath of a file and returning a 404 for symlinks that lead outside the static directory.
To reproduce
- create a minimal app with a staticfiles middleware
- put a symlink in your static directory. the link’s target must be above the static directory.
- you’ll get a 404
Expected behavior
Support symlinks in static directory.
The use case for symlinks in static is to target frontend assets that are being generated in file-watch mode.
Actual behavior
Debugging material
It’s happening here: https://github.com/encode/starlette/blob/b95acea973c20eea3e7cbbca42d09b1f5d4a3412/starlette/staticfiles.py#L147-L149
Environment
- OS: linux
- Python version: 3.7.5
- Starlette version: 0.13.8
Additional context
I’m happy to post a PR for this if useful, ideally adding a bool param to the StaticFiles middleware that allows symlinks.
Issue Analytics
- State:
- Created 3 years ago
- Reactions:5
- Comments:16 (9 by maintainers)
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
Report about the incident: https://github.com/encode/starlette/pull/1681#issuecomment-1152178256
Yeah, I’m going to clarify things in a few hours. 👍