Description

Right now, there are two image resolver options: id + '.tif' and the CloudFront preflight function. To add some flexibility, we should accept an optional printf-style template that the ID gets applied to. (e.g., '%s.tif', /path/to/images/%s.pyramid.tif).

Done Looks Like

• Built-in resolver accepts a resolverTemplate environment variable
• SAM templates updated to include resolverTemplate variable

Hello,

After deploying this with default settings, I noticed that the cloudfront distribution didn't carry over any of the CachingEndpoint settings. I think the way the template is set up uses deprecated values. I think Cloudfront now requires the use of cache policies for many of these configurations, e.g. MaxTTL and ForwardedValues, etc.

Perhaps relatedly, when accessing an info.json file through the cloudfront endpoint, the file gives the id incorrectly with the api endpoint, which breaks iiif functionality because it's not publicly accessible. Is this because the host is not being properly forwarded?

Hello,

Is there any sort of hard minimum for the memory size set for the lambda function? I see it is set at 3008 MB. After some brief testing, I noticed that for the images I was using each request was using between 150-300 MB memory. Of course, different image size would create different conditions, but just wondering if there's any other reason that I'm not seeing it would need to be that high, it if our image set was only necessitating that amount.

Thanks (and hopefully last time I bug you 😉)

Joseph Anderson

The maintenance template for CONTRIBUTING.md is used by all Samvera repos. Replace the current version with the updated maintenance template version.

When the CorsAllowOrigin setting is set to REFLECT_ORIGIN and CloudFront caching is enabled, the first Origin to request a particular resource causes the Access-Control-Allow-Origin response header to be cached, causing CORS errors for any other origin that tries to request the same resource.

Two possible solutions come to mind, but both introduce breaking changes:

• Include Origin as part of the cache key in the CloudFront cache policy (but this interferes with the existing CachePolicyID setting)
• Include a custom viewer-response CloudFront function to handle CORS (but this interferes with the existing ability to attach custom functions)

In the end, the best compromise solution might be (pseudocode):

if CorsAllowOrigin == "REFLECT_ORIGIN" && CachePolicyID == DEFAULT
  create CorsCachePolicy that includes the Origin in the cache key
  use CorsCachePolicy ID as the default behavior's cache policy
else
  use CachePolicyID  as the default behavior's cache policy
end

Then we just need to update the documentation to stress that, if using a non-default cache policy and REFLECT_ORIGIN, the cache policy must include the Origin request header as part of the key.

Fantastic project! I am curious if anyone has investigated using it in conjunction with a CDN? I have successfully managed to get the JSON files cached using CloudFront, however, the JSON file contains the original API Gateway endpoint. Any pointers on how I might go about changing the base URL in the JSON file would be much appreciated.

Effectively attempting to change

"@id":"https://random.execute-api.ap-southeast-1.amazonaws.com/latest/iiif/2/image_name",

To:

"@id":"https://random.cloudfront.net/iiif/2/image_name",

Description

• /iiif/[version] should return server status/feature information
• / should redirect to /iiif/[latest-version]

When I try to deploy with UseCacheBucket as false, it throws this error and fails:

"Change set creation failed. Reason: Template format error: Unresolved resource dependencies [CacheBucket] in the Resources block of the template"

Hello,

I've been testing this out and in the cloudwatch logs and am seeing alot of this kind of thing

WARN Unable to get dimensions for [image-id] using custom function. Falling back to probe().

Is that normal? Or is there something wrong with my source images?

Thanks,

Joseph Anderson

Hello,

I have a question about authentication. I understand the serverless-iiif isn't necessarily built out of the box to handle this, but I was wondering if you had any ideas about a way that I could require some sort of authentication for only a subset of resources. It seems straightforward to set up authentication for all resources, but not just for some. So imagine a scenario where most images are publicly accessible, but there's a subset that are embargoed from public view. The first thing that comes to mind is that the lambda function checks with some database or list to see if the requested item is 'public' or 'private' and then uses that to determine if it needs to check for authentication. But I'm wondering if I'm not missing something more obvious, or if that approach would terribly slow down the whole process.

Thanks,

Joseph Anderson

Add the following branch renaming language to the README for this repository.

## Contributing 

If you're working on a PR for this project, create a feature branch off of `main`. 

This repository follows the [Samvera Community Code of Conduct](https://samvera.atlassian.net/wiki/spaces/samvera/pages/405212316/Code+of+Conduct) and [language recommendations](https://github.com/samvera/maintenance/blob/master/templates/CONTRIBUTING.md#language).  Please ***do not*** create a branch called `master` for this repository or as part of your pull request; the branch will either need to be removed or renamed before it can be considered for inclusion in the code base and history of this repository.

Rationale

Git's default "master" branch derives from "master/slave" jargon which perpetuates systemic racist language and systems (see email Replacing "master" reference in git branch names). To uphold our Code of Conduct, we must move away from the term "master" in our technical language (as well as words like blacklist or whitelist).

Related work

• Background on the renaming effort is available in the working group notes.
• See the GitHub Renaming documentation for the changes that GitHub made during the renaming process.

Hello all,

This may be a rather elementary question/issue, but I'm having problems accessing a test image manfest. The image in question is here: https://digital-anon-facsimiles.s3.eu-west-2.amazonaws.com/m48-1-test.tiff but I cannot seem to access a manifest for it using the suggested pattern in the Source Images section of the readme. I've been trying variants on the following: https://digital-anon-facsimiles.s3.eu-west-2.amazonaws.com/iiif/2/m48-1-test/info.json but haven't been having much luck.

Also, when I use the CloudFormation endpoint in place of the S3 bucket URI (i.e., https://dm2vkd8jzjuqr.cloudfront.net/iiif/2/m48-1-test/info.json) I get the following error message: InvalidARN: ARN accountID does not match regex "[0-9]{12}".

I'm probably missing something very basic but am new to AWS...
Thanks in advance!
Josh

Descriptive summary

This repository’s default branch has already been renamed to main using GitHub’s renaming tool. In order to preserve automatic redirection of links that reference the old branch name master to the new default main branch, a branch with the old name should not be recreated.

CircleCI can be used to prevent the recreation of the old default branch name by preventing PRs with a branch named master from being merged by causing a test failure during continuous integration.

Rationale

Git's default "master" branch derives from "master/slave" jargon which perpetuates systemic racist language and systems (see email Replacing "master" reference in git branch names). To uphold our Code of Conduct, we must move away from the term "master" in our technical language (as well as words like blacklist or whitelist).

Expected behavior

If a PR is submitted with a branch named master, the continuous integration tests should fail.

Actual behavior

If a PR is submitted with a branch named master, the continuous integration tests will not fail because of the branch name.

Related work

Background on the renaming effort is available in the working group notes.

Hello,

We are reviewing the requirements for using auth type AWS_IAM as the auth type for the IIIF API Lambda, behind CloudFront. Outside of the necessary IAM permissions there is a requirement for signed requests when invoking the function using this auth type. Ultimately this application will transition to another team and we are doing our best to keep custom code to a minimum.

Has the Samvera community implemented the IIIF API function using the AWS_IAM auth type?

Thanks,
Brian

Hello all,

I'm trying to compress my .tif files to slim them down from a bulky ~100mb, and am receiving an error message when trying to access the live files. I'm using ImageMagick to convert the images, with the following command:

for i in *; do 
    convert -density 300 $i -define tiff:tile-geometry=256x256 -compress jpeg -verbose ptif:./output/"$i.tif"; 
    echo "$i converted...";
done

The only thing I've changed since initially generating the images is adding the -compress jpeg flag.

My images convert and compress without a hitch and once uploaded through S3, everything seems fine: the image is viewable through a direct link and the Image API json for a given compressed image is accessible, but the images don't appear in Mirador, etc. and when I try to access the .tif for a compressed image through the server endpoint (i.e., a link like this https://llkn576nqxepo6yucgfh2nl2ea0kkigc.lambda-url.eu-west-2.on.aws/iiif/2/m1-8-1/m1-8-1-1/full/max/0/default.tif) I receive a plaintext error message:

Error: VipsJpeg: Bogus JPEG colorspace
tiff2vips: decompress error tile 0 x 0

The uncompressed images work just fine: I can access them either through a viewer or directly using their URI.

Is this something you can help with?

Thanks,
Joshua

Hi! I'm working on a project that's essentially a wrapper architecture for serverless-iiif using GitHub for batch item & asset management: https://middlicomp.github.io/aperitiiif/

So first off: thank you for sharing and documenting serverless-iiif! It's been excellent to work with so far.

I'm at the point where I have a PoC working, and now comes the real service scoping work. I'd like to be able to track access—potentially for billing departments using the service, but mostly to get a sense of item usage.

I could write some custom functions in my serverless-iiif implementation to save access stats (e.g., to a key-value DB or log file) as assets are requested. But I'm wondering:

• Is this something you'd be interested in getting a PR for?
• Is this a rational approach? Or is there a more AWS-y way to get this information with less overhead? (e.g., parsing API Gateway CloudWatch logs downstream...?)

If this is totally out of scope, feel free to respond with a shrug emoji & close the issue!

Descriptive summary

This repository’s default branch has already been renamed using GitHub’s renaming tool. Links that reference the old branch name are automatically forwarded to the new default branch. But string references are not automatically updated.

Check this repository for hard-coded string references to the legacy “master” default branch and update them to the new default branch name “main.”

Important places to check include, but are not limited to:

• READMEs
• wikis
• other documentation

NOTE: READMEs, wikis, and other documentation are important to update to avoid confusion and correct errors in long lasting documentation.

Less common places to check:

• code
• Issues/PRs

NOTE: String references to themaster branch in Issues, PRs, and code are uncommon. Also Issues and PRs are temporal in nature, making it less critical to update those occurrences.

Rationale

Git's default "master" branch derives from "master/slave" jargon which perpetuates systemic racist language and systems (see email Replacing "master" reference in git branch names). To uphold our Code of Conduct, we must move away from the term "master" in our technical language (as well as words like blacklist or whitelist).

Related work

• Background on the renaming effort is available in the working group notes.
• See the GitHub Renaming documentation for the changes that GitHub made during the renaming process.

Hi,

Thank you for all of your help in the past.

We were reviewing the CloudFront version of the template and noticed it creates a cache bucket. Is there a way to supply a cache bucket via the SAM cli or some other mechanism in order to bypass that functionality... similar to the how the Standalone version of the template works?

Thanks in Advance,
Brian

We had to fix this by installing a viewer-request function (https://github.com/pulibrary/serverless-iiif/blob/main/src_edge/index.js), the comment in there describes the issue best I think:

  // The lambda will write to an S3 bucket and fall back to it if the image is
  // too big. Unfortunately the object URL for S3 replaces % with %25, so
  // fallback doesn't work. So rewrite % to %25, and then the lambda will use
  // x-original-uri, while S3 will have the right request URI.

Hi there. I'm attempting to get to "hello world" via this serverless-IIIF project. Thanks for your work on this; I'm super excited to see it in action, and perhaps to contribute in the future.

(This might not be the right channel for support requests like this, but I imagine since this is so close to initial configuration, it's possible this may be a documentation error? It could also, of course, be an error on my part. :) If this should go elsewhere, please let me know, and apologies.)

So, I'm following the "AWS Console" instructions pretty carefully, and everything seems green, but I'm getting an error.

I have an image hosted (in an S3 bucket):

• https://bcw-images.s3-us-west-1.amazonaws.com/test/tree.JPG

I have followed the README instructions, and have a Lambda function serverlessrepo-serverless-iiif with a big green checkmark, "Your application has been deployed". I see an "Endpoint" key with the value https://qc6j9iny34.execute-api.us-west-1.amazonaws.com/latest/iiif/2/, and the description "IIIF Endpoint URL". (I also see an "ApiId" which I am ignoring so far.) I pointed the stack at the correct bucket bcw-images; I believe I have opened the permissions in the bucket, and opened CORS.

Hitting https://qc6j9iny34.execute-api.us-west-1.amazonaws.com/latest/iiif/2/ gives an Auth error:

{"message":"Missing Authentication Token"}

Hitting https://qc6j9iny34.execute-api.us-west-1.amazonaws.com/iiif/2/test/tree/info.json, as in the README, gives an Access error:

{"message":"Forbidden"}

Same for /iiif/2/test/tree/full/full/0/native.jpg, and if I encode the slashes in the URL: https://qc6j9iny34.execute-api.us-west-1.amazonaws.com/iiif/2/test%2Ftree/info.json

Please let me know if anything obvious pops out at you. I'd appreciate any input.

Description

In order to make the IIIF server easier to customize without forking and changing code, it should be able to call out to a separate Lambda to facilitate things like authentication and authorization that are out of scope for this project, as well as more complex file resolution based on the full request event and not just the image ID.

Proposal

Add a preflightFunctionArn configuration option. If it's missing or empty, the server behaves exactly as it does now. If it's present, it is called (with the full Lambda event) first thing, returning either the location of the image file in S3, or an UNAUTHORIZED response.

Hi,

We have noticed several requests that miss the cache, for example image zoom requests. To mitigate overloading the (HTTP) origin with concurrent lambdas sending zoom requests, we are considering caching the source image at the edge or in memory.

Has the serverless IIIF community considered a local caching scenario to store files retrieved from an external source (jp2), for image viewer processing, to avoid generating dozens of requests to the source for each viewer operation?

Thanks,
Brian

When using the REFLECT_ORIGIN CORS setting, The Origin request header needs to be part of CloudFront's cache key to prevent different origins getting each other's CORS responses.

The better way to handle this would be with a viewer-response function, but since we currently allow those to be configurable at deploy time, overriding that would be a breaking change. We can consider that for a future major release.

The documentation on CloudFront request/response functions can be much better. It should probably cover:

• writing request/response functions
• x-preflight-* headers
• auth examples
• links to CloudFront Functions/Lambda@Edge docs at AWS
• deploying serverless-iiif from SAM with functions attached

Hi,

Thanks again for the new layer that support JP2000... I just had time allocated to spin it up this sprint. I'm getting the following error.

"errorMessage": "\nSomething went wrong installing the \"sharp\" module\n\nCannot find module '../build/Release/sharp-linux-x64.node'\nRequire stack:\n- /var/task/node_modules/sharp/lib/sharp.js\n- /var/task/node_modules/sharp/lib/constructor.js\n- /var/task/node_modules/sharp/lib/index.js\n- /var/task/node_modules/iiif-processor/lib/transform.js\n- /var/task/node_modules/iiif-processor/index.js\n- /var/task/index.js\n- /var/runtime/index.mjs\n\nPossible solutions:\n- Install with verbose logging and look for errors: \"npm install --ignore-scripts=false --foreground-scripts --verbose sharp\"\n- Install for the current linux-x64 runtime: \"npm install --platform=linux --arch=x64 sharp\"\n- Consult the installation documentation: https://sharp.pixelplumbing.com/install"

Any thoughts as to what we're doing incorrectly?

Thanks in advance

Hey @mbklein :)

The IIIF server is working great...we're deploying the cloudfront option using sam deploy.

Is there a recommended approach to providing security around access to the images. Like say we wanted to do a database look up, verify credentials or check some other business rules before honoring the request.

Do you have insights into that side of things?

All insights appreciated.

Description

When accessed through CloudFront, the @id field of the info.json file is using the standalone function URL as the base instead of the CloudFront domain URL.

Done Looks Like

• @id is correct when accessed via standalone or CloudFront

I'm setting the CacheDomainName parameter when deploying the CloudFront-Enabled version of 4.1.1. DNS CNAME records are set to the same custom domain. This all works as expected. The service can be invoked with the custom domain the data in the info.json responses look great, with the exception of the @id field which includes the lambda domain rather than my custom domain. I had expected that to be replaced with the value entered for CacheDomainName. Is it possible to configure the service to include the custom domain in @id field?

Hi,

We recently deployed a vanilla serverless-iiif with version 3 of the layer, but have been unsuccessful in being able to render an image. All of the defaults are in place. I added a couple of tif formatted images to the tiffBucket from Wikipedia (Creative Commons License).

What we have observed:

• Requests for the images added to the tiffBucket result in the following error: Error: Unhandled transformation error: null
• Requests for info.json result in the following error: Not Found

Our observations are consistent whether we are testing via the CloudFront URL or the function URL. This is happening irrespective of the metadata being set on the image.

Is there something we are missing outside of ensuring the images are in the correct bucket and are tif for a vanilla deployment?

Hello,

I'm testing out the new version, specifically the cloudfront-enabled version and I'm running into a wall. Logs are all showing this kind of error below. I deployed from the SAR. Just a basic deployment to test.

2022-07-11T21:16:44.995Z 5a2df24f-5d7d-43f8-95c8-40646f2eb2c1 ERROR NotFound: null at Request.extractError (/opt/nodejs/node_modules/aws-sdk/lib/services/s3.js:691:35) at Request.callListeners (/opt/nodejs/node_modules/aws-sdk/lib/sequential_executor.js:106:20) at Request.emit (/opt/nodejs/node_modules/aws-sdk/lib/sequential_executor.js:78:10) at Request.emit (/opt/nodejs/node_modules/aws-sdk/lib/request.js:686:14) at Request.transition (/opt/nodejs/node_modules/aws-sdk/lib/request.js:22:10) at AcceptorStateMachine.runTo (/opt/nodejs/node_modules/aws-sdk/lib/state_machine.js:14:12) at /opt/nodejs/node_modules/aws-sdk/lib/state_machine.js:26:10 at Request.<anonymous> (/opt/nodejs/node_modules/aws-sdk/lib/request.js:38:9) at Request.<anonymous> (/opt/nodejs/node_modules/aws-sdk/lib/request.js:688:12) at Request.callListeners (/opt/nodejs/node_modules/aws-sdk/lib/sequential_executor.js:116:18) { code: 'NotFound', region: null, time: 2022-07-11T21:16:44.990Z, requestId: 'C0C0V2MZNE9SSCKT', extendedRequestId: 'm2x+Yj50FwGfFicNhs+U2JYmw/Pe4EUuwqgMDc1TD6W3QGbA7CUVHenECjtDJ8fHouYtYp2kg3o=', cfId: undefined, statusCode: 404, retryable: false, retryDelay: 8.697074109187763 }

Thanks,

Joseph

Description

On April 6, 2022, AWS announced Lambda Function URLs, which provide a way to invoke Lambda functions via HTTPS without the maintenance overhead of an API Gateway. This is likely the best way forward for the Serverless IIIF project.

To Do

• Investigate replacing the REST API with a single Lambda Function URL.
• Investigate implications for 6MB response payload limit / CloudFront workaround.

In trying to deploy this I get the following:

The runtime parameter of nodejs8.10 is no longer supported for creating or updating AWS Lambda functions. We recommend you use the new runtime (nodejs12.x) while creating or updating functions. (Service: AWSLambdaInternal; Status Code: 400; Error Code: InvalidParameterValueException; Request ID: 39b92f82-90fe-49e6-b394-4ae9fa59fde3)

Hey guys;

I'm getting the following error when calling the cloudfront end point.

Error: Cannot find module 'iiif-processor'

I ran npm install at the root folder before running the following command in sam/cloudfront.

sam deploy --capabilities CAPABILITY_IAM CAPABILITY_AUTO_EXPAND --guided

Any idea what might be the cause?

Thanks for any pointers.

The Renaming Branch Working Group is in the process of renaming the default branch from master to main in Samvera and Samvera-Labs repos. This brings repositories into compliance with the Samvera Community Code of Conduct (https://samvera.atlassian.net/wiki/spaces/samvera/pages/405212316/Code+of+Conduct) and language recommendations (https://github.com/samvera/maintenance/blob/master/templates/CONTRIBUTING.md#language).

This issue will be complete when the master has been renamed to main.

Related issues will have a title beginning with RENAME.

Hey guys;

Firstly thanks to all who built serverless-iiif. It's working great.

I have need to override the headers that are returned here:
https://github.com/nulib/serverless-iiif/blob/v2.0.1/src/index.js#L46

Also, would it be possible to allow for more than just tiff images on this line:
https://github.com/nulib/serverless-iiif/blob/v2.0.1/src/resolvers.js#L7

Is there intention to make those bits configurable?
Is there a reason for having the service only work on tifs?

Thanks for any pointers.

I tried to deploy the serverless IIIF application using https://eu-west-1.console.aws.amazon.com/cloudformation/home?region=eu-west-1#/stacks/create/template?templateURL=https://nul-public.s3.amazonaws.com/serverless-iiif/deploy.yaml.
The process terminate with a rollback with a CREATE_FAILED error related to Dependencies50202cd119. The explaination of the error was:

Error occurred while GetObject. S3 Error Code: PermanentRedirect. S3 Error Message: The bucket is in this region: us-east-1. Please use this region to retry the request (Service: AWSLambdaInternal; Status Code: 400; Error Code: InvalidParameterValueException; Request ID: a4f0d97a-3e93-42e5-8a84-f9e717469023).

I retry the deployment in the us-east-1 region and the deploy procedure works fine.

Hello,

Is there an example in the serverless-iiif community that uses HTTP instead of S3 for image source retrieval? Our image sources are on-premises and transferring the sources to S3 is not an option for us at this time. If there is no concrete example, if you could share your thoughts on step-functions as a solution as well as any other solutions that would allow for retrieving sources via HTTP, that would be highly appreciated.

Thank You,
Brian

Hello,

We have a Loris implementation of IIIF running Apache with rewrite rules to handle routing from a custom path structure to the IIIF API. Is there a way to mimic this functionality that is built into any of the dependencies in this project... or a solution from the broader community that has addressed this issue?

e.g. ...mydomain.com/<iiif-image-id>/<params> -> ...mydomain.com/iiif/2/<iiif-image-id>/<params>

Thank You,
Brian

Is there a way to pass a maxWidth to the iiif-processor from this application?

Thanks,

Joseph

Description

We (Northwestern) have been talking about giving this project a catchy name and its own website, similar to the ones that exist for the front-end IIIF tools clover and bloom. This would also provide an opportunity to create detailed documentation that goes beyond a single README.

Done Looks Like

• Project Name
• Logo
• Website content (description, features)
• Documentation

AWS Lambda now supports streaming-enabled functions, with a soft response payload size limit of 20MB, instead of the hard 6MB limit on buffered responses. This might be an opportunity to simplify our deployment by getting rid of the need for the cache bucket/CloudFront failover origin workaround for large responses.

Hello,

Just came across this and am excited to test it out, but was wondering if there are any plans to upgrade this to IIIF Image API 3.0 in the near future?

Hey guys;

I'm getting a perms issue that results in a 403 when trying to make calls to any of the image server end points.

It seems like in a previous iteration of serverless-iiif I didn't have to add any special configuration to make calls to the image server just work.

If I CURL to the end point I get the following:
"Message":"User: anonymous is not authorized to perform: execute-api:Invoke on resource: arn:aws:execute-api:us-east-1:********4595:gdaw62mwig/latest/GET/iiif/2/repositories%2Fryanlocaldec222%2F2022-03%2FPfgbA76SdmegALIrJ3SA_jimmy.jpg/info.json"

If anyone can speak to why I might be getting this with the latest code I would appreciate it.

Thanks!

Description

It looks like this change to the template added a lambda layer version that is failing to deliver images in time:

In our application, we reverted to version 1 of the lambda layer and it got large images to work again.

Hi all,

I just deployed serverless-iiif last week. I used SAM CLI to include the most recent commits after encountering similar permissions issues to #58, and am *so close!* to getting an MVP up and running.

Current bug is with CORS. When I try loading my sample manifest into my Mirador instance, i get the following error logged to console:

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at 
https://twt4gwyokx4jxgo2tcptgtn4v40qajbb.lambda-url.us-east-1.on.aws/latest/iiif/2/rijks-test_kasukawa-001/info.json.  
(Reason: CORS header ‘Access-Control-Allow-Origin’ does not match ‘*, https://dss.hosting.nyu.edu/’).

But the headers on that resource (https://twt4gwyokx4jxgo2tcptgtn4v40qajbb.lambda-url.us-east-1.on.aws/latest/iiif/2/rijks-test_kasukawa-001/info.json) via lambda-url show the following:

➜ curl -I https://twt4gwyokx4jxgo2tcptgtn4v40qajbb.lambda-url.us-east-1.on.aws/latest/iiif/2/rijks-test_kasukawa-001/info.json
HTTP/1.1 200 OK
Date: Tue, 05 Jul 2022 20:50:28 GMT
Content-Type: application/json
Content-Length: 0
Connection: keep-alive
x-amzn-RequestId: f3fb9c92-153a-4454-b767-8f6d583fc09d
access-control-allow-origin: *
X-Amzn-Trace-Id: root=1-62c4a413-7b91ab186defb8460dd48e52;sampled=0
access-control-allow-credentials: true

Things I've tried:

• Enabling CORS on cache bucket
• Forwarding headers from CloudFront

Any advice or recommendations? Thanks for your time & repo!

Hey guys;

If I wanted to have the IIIF server simply return files that aren't images (for example an mp4 file)...is there a recommended approach?

Description

When the resolved S3 location is not present, the server throws an unhandled error and returns an AccessDenied response. Proper error responses should include:

• 404 Not Found when the S3 object is missing
• 400 Bad Request on a malformed request
• 500 Server Error on an unknown/unhandled error

Hi,

Is there any information we should be made aware of, outside of the custom libvips and minor tweaks to the standalone CF template, that can help in achieving the goal of supporting JPEG 2000 formatted images?

When doing an XmlHttpRequest preflight check with credentials: true, browsers won't accept Access-Control-Allow-Origin: * as a passing response. It requires the value of the response header to explicitly include the value provided in the Origin request header.

It's easy enough to automatically copy the request's Origin to the response's Access-Control-Allow-Origin, but we should consider (and document) the security implications, and possibly making it an opt-in configuration option.

Related issue: #103

Thank you very much I could successfully deployed to my aws account, and I can access my images on my browser.
However, if I pass xxxx/info.json URL to the below I get "Validation Error: Top level @context is not known" error.

https://iiif.io/api/presentation/validator/service/

In fact, it expects

"@context": "http://iiif.io/api/presentation/2/context.json"

instead of

"@context": "http://iiif.io/api/image/2/context.json"

I am currently in trouble with one of the IIIF viewers (below) which is refusing to show my images (at least) with this error.

http://codh.rois.ac.jp/software/iiif-curation-viewer/demo/?manifest=xxxxxx/info.json

I am very new to IIIF, so cannot decide which behavior is correct, but this is blocking me from using this server (and am being forced find alternative) although I found this server quite easy to setup and promising.

By the way, is it rather node-iiif behavior?