From 42b92bf7a290cc591d80821882938f40ca9d5236 Mon Sep 17 00:00:00 2001
From: Daniel <845765@qq.com>
Date: Wed, 9 Jul 2025 19:59:43 +0800
Subject: [PATCH 1/3] :zap: Improve the image loading performance in the database https://github.com/siyuan-note/siyuan/issues/15245
---
 kernel/model/assets.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/kernel/model/assets.go b/kernel/model/assets.go
index f455cb902..6dd1eb21a 100644
--- a/kernel/model/assets.go
+++ b/kernel/model/assets.go
@@ -81,7 +81,7 @@ func NeedGenerateAssetsThumbnail(sourceImgPath string) bool {
 if info.IsDir() {
 return false
 }
- return info.Size() > 1024*10
+ return info.Size() > 1024*1024
 }
 func GenerateAssetsThumbnail(sourceImgPath, resizedImgPath string) (err error) {
From 31f5797176af58296581ccfb6d0c9df55d32a721 Mon Sep 17 00:00:00 2001
From: Daniel <845765@qq.com>
Date: Wed, 9 Jul 2025 20:12:54 +0800
Subject: [PATCH 2/3] :lock: Disable HTTP access to the /assets/ path https://github.com/siyuan-note/siyuan/issues/15257
---
 kernel/server/serve.go | 6 ++++++
 1 file changed, 6 insertions(+)
diff --git a/kernel/server/serve.go b/kernel/server/serve.go
index a1eb07580..7ebb1e1a6 100644
--- a/kernel/server/serve.go
+++ b/kernel/server/serve.go
@@ -475,6 +475,12 @@ func serveAssets(ginServer *gin.Engine) {
 ginServer.GET("/assets/*path", model.CheckAuth, func(context *gin.Context) {
 requestPath := context.Param("path")
+ if "/" == requestPath || "" == requestPath {
+ // 禁止访问根目录 Disable HTTP access to the /assets/ path https://github.com/siyuan-note/siyuan/issues/15257
+ context.Status(http.StatusForbidden)
+ return
+ }
+
 relativePath := path.Join("assets", requestPath)
 p, err := model.GetAssetAbsPath(relativePath)
 if err != nil {
From 9933cd98ecfea6e1eb42655344d413c6b19476ae Mon Sep 17 00:00:00 2001
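Review bot: The new threshold in NeedGenerateAssetsThumbnail (kernel/model/assets.go) is a bare `1024*1024` with no unit or reason attached, so the next reader cannot tell why 1 MiB was chosen over the previous 10 KiB. A named constant with a short comment would record that, for example `const thumbnailMinSize = 1024 * 1024 // bytes` used as `return info.Size() > thumbnailMinSize`. The function starts outside this hunk.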
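Review bot: In serveAssets (kernel/server/serve.go) the new guard compares the raw `requestPath` with `"/"` and `""`, but the following statement runs it through `path.Join("assets", requestPath)`, which cleans the path, so any other spelling that normalises to the assets root (repeated slashes, dot segments) would presumably still reach `model.GetAssetAbsPath` as `assets`. Checking the normalised value closes that gap: move the guard below the join and test `if "assets" == relativePath {` before returning `http.StatusForbidden`. The guard also covers only the root directory; whether directories below it can still be listed depends on the rest of the handler, which continues outside this hunk.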
From: Daniel <845765@qq.com>
Date: Wed, 9 Jul 2025 20:35:52 +0800
Subject: [PATCH 3/3] :art: https://github.com/siyuan-note/siyuan/issues/15240
---
 kernel/sql/av_gallery.go | 5 ++++-
 kernel/util/path.go | 8 ++++++++
 2 files changed, 12 insertions(+), 1 deletion(-)
diff --git a/kernel/sql/av_gallery.go b/kernel/sql/av_gallery.go
index ac5886907..4d61ddbe8 100644
--- a/kernel/sql/av_gallery.go
+++ b/kernel/sql/av_gallery.go
@@ -201,7 +201,10 @@ func fillAttributeViewGalleryCardCover(attrView *av.AttributeView, view *av.View
 break
 }
- galleryCard.CoverURL = assetValue.MAsset[0].Content
+ p := assetValue.MAsset[0].Content
+ if util.IsAssetsImage(p) {
+ galleryCard.CoverURL = p
+ }
 return
 case av.CoverFromContentBlock:
 blockValue := getBlockValue(cardValues)
diff --git a/kernel/util/path.go b/kernel/util/path.go
index 995cd03e6..d651dc829 100644
--- a/kernel/util/path.go
+++ b/kernel/util/path.go
@@ -317,6 +317,14 @@ var (
 SiYuanAssetsVideo = []string{".mov", ".weba", ".mkv", ".mp4", ".webm"}
 )
+func IsAssetsImage(p string) bool {
+ ext := strings.ToLower(filepath.Ext(p))
+ if "" == ext {
+ return false
+ }
+ return gulu.Str.Contains(ext, SiYuanAssetsImage)
+}
+
 func IsDisplayableAsset(p string) bool {
 ext := strings.ToLower(filepath.Ext(p))
 if "" == ext {
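Review bot: In fillAttributeViewGalleryCardCover (kernel/sql/av_gallery.go) only `assetValue.MAsset[0]` is tested, so a card whose first asset is not an image ends up with no cover even when a later entry in `MAsset` is one; the `return` after the new `if` runs in both cases. If the intent is "use the first image asset", the filter should walk the slice and stop at the first match instead of giving up after index 0. The enclosing switch case starts and ends outside this hunk.

```go
// … unchanged: guard that breaks when the asset value is empty …
for _, asset := range assetValue.MAsset {
	if util.IsAssetsImage(asset.Content) {
		galleryCard.CoverURL = asset.Content
		break
	}
}
return
```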
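Review bot: The exported IsAssetsImage in kernel/util/path.go has no doc comment, and nothing tells a caller that the test looks at the name only. It lower-cases `filepath.Ext(p)` and looks the result up in `SiYuanAssetsImage`, so it says nothing about the file's actual content, and a value carrying a query string or fragment after the extension (if `p` can be a URL, which the hunk does not show) would not match. I would add `// IsAssetsImage reports whether p's file extension is listed in SiYuanAssetsImage; it inspects the name only, not the content.` above the function. Its first lines duplicate IsDisplayableAsset, whose body continues outside this hunk, so a shared extension helper may be worth considering.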