Resized Image REST API Broken in 10.3.2.7882?

That isn't a REST API, its not meant to be called directly because it relies on you being signed in to the community.  In 11 that url would respect API authentication but not earlier, and this would have always been the case.  The REST API for files is https://community.telligent.com/community/10/w/api-documentation/61480/show-cfs-rest-endpoint.

Sorry, I didn't mention that we're using the default "Blog - Post List" wdiget in a grid layout with thumbnails showing.

Looking at the widget code, this section is where its grabbing the URL to display. Sometimes it uses:

/community/cfs-file/__key/communityserver-blogs-components-weblogfiles/...

and sometimes it uses:

/community/resized-image/__size/320x240/__key/communityserver-blogs-components-weblogfiles

Its the latter that is throwing 403 for me

#if ($showthumbnail)
	<div class="avatar">
	    #if ($viewLayout == 'grid')
	        #set ($imageWidth = 512)
		    #set ($imageHeight = 256)
	    #else
			#set ($imageWidth = 100)
			#set ($imageHeight = 100)
		#end
		<a href="$core_v2_encoding.HtmlAttributeEncode($post.Url)">
			$core_v2_ui.GetResizedImageHtml($postImage, $imageWidth, $imageHeight, "%{border='0px', alt=$post.Name, ResizeMethod = 'ZoomAndCrop' }")
		</a>
	</div>
#end

Sorry, I didn't mention that we're using the default "Blog - Post List" wdiget in a grid layout with thumbnails showing.

Looking at the widget code, this section is where its grabbing the URL to display. Sometimes it uses:

/community/cfs-file/__key/communityserver-blogs-components-weblogfiles/...

and sometimes it uses:

/community/resized-image/__size/320x240/__key/communityserver-blogs-components-weblogfiles

Its the latter that is throwing 403 for me

#if ($showthumbnail)
	<div class="avatar">
	    #if ($viewLayout == 'grid')
	        #set ($imageWidth = 512)
		    #set ($imageHeight = 256)
	    #else
			#set ($imageWidth = 100)
			#set ($imageHeight = 100)
		#end
		<a href="$core_v2_encoding.HtmlAttributeEncode($post.Url)">
			$core_v2_ui.GetResizedImageHtml($postImage, $imageWidth, $imageHeight, "%{border='0px', alt=$post.Name, ResizeMethod = 'ZoomAndCrop' }")
		</a>
	</div>
#end

Your code does not show what postImage is, this could still be the result of no access to the blog.  Or you have not configured your centralized filestorage permissions correctly in windows

Its the default widget - no changes. App pool identity has modify access to the entire filestorage structure. 

Guess I'm just wondering if anyone else was having the same issue - if its reproducible. 

Since this only started happening after an upgrade to 10.3.2.7882, wondering if something changed with the code in /resized-image that might cause this.

You would have to open a support ticket, but no there is no known issues.  

To confirm, that's the correct way to use image resizing (not calling the URL directly), and is the default version of the Blog Post List. If you're receiving a 403, it may be a CFS issue. Are permissions set correctly? Is the file still physically there?

Ok. Thanks Patrick.

Hey Michael. Yes, permissions are set correctly and the file is physically there. I see it in this folder: filestorage\communityserver.blogs.components.weblogfiles\00\00\00\00\06

Looking at permissions directly on the file, the app pool identity has inherited modify access from the filestorage root.