Sanitization

In reaction to the newest firmware changes from BambuLab, I’ve changed my A1 3d printer to LAN Only Mode and blocked its access to the internet. I’ll miss the convenience of being able to start and monitor prints from my phone but I use OrcaSlicer and I don’t like companies telling me what I can and cannot do with the product I spent money on and own. No-thankyouverymuch.

However, in the process of doing this, I ran into an issue.

I was trying to upload a print to the printer and it started giving me an error.

Sending print job over LAN failed.
Error: -4020
Error: Failed to upload print file to FTP. Please the network status and try again.
Extra info: [ftp code]: 9
[reason]: Access denied to remote resource: Server denied you to change to the given directory.

So I started google-ing the issue (like ya do) and the top result was people complaining about the issue and throwing their hands up in the air in frustration because, no matter what they tried, they couldn’t get it to work. I kept digging, seeing more of the same, until I found this bug report on the BambuLab GitHub.

Read read read read read and… huh, only happens when trying to print a 3MF file?

Read read read read read and… huh, only happens when there’s a “/” in the project info title?

So I look at the model I was trying to print and, sure enough, there is a “/” in the project name. Okay. I export the model from OrcaSlicer as an STL, create a new project, import the STL, slice the plate, hit the print button aaaaand…

Sure enough, it prints. No problem.

What happened?

The problem here is one of input sanitization: a complex problem with a simple explanation. In any data environment there are inputs and outputs. When you are accepting inputs, it’s generally a bad idea to just take whatever the user throws at you and process it as is. A lot of times it requires a little clean up, adjusting, or even throwing it out wholesale if it’s bad enough. This is one of the basic security steps any time user-provided data is involved in any process.

There are several file formats that can be used for 3d printing, but the two we’re going to be comparing here are STL and 3MF.

STL has been around since the 80’s and is very basic. All it does is define the mesh: the surface geometry of the shape as a series of vertices forming triangles. Simple. This isn’t a bad thing, mind, but what 3MF offers is more. It allows for a higher triangle count, providing more detail. And, along with the mesh, it allows the creator to package in other metadata like thumbnails, specific print settings, sub-assemblies for parts, color information, and lots more. It’s like going from a black and white scan of a document to a full color PDF with table of contents and links.

So, where did the problem come from?

In the metadata of the 3MF of the object I downloaded from MakerWorld was the title of the project: “Shoe Rack Holder / Organizer Wall Mounted”. Note the forward slash.

Here is the issue as much as I can figure it out:

When OrcaSlicer, a derivative of BambuSlicer, goes to send a project to the printer, it takes the slicing data and writes the file to the printer over FTP. With an STL, there is no project name because there is no metadata, so it uses the object’s filename which, due to filesystem rules, can’t have slashes in it since those typically denote a directory as part of a path. In effect, the OS filesystem does the sanitization for it.

When sending a project that originated from a sliced 3MF file, the project name from the metadata gets used when sending the file to the printer. The OS of the printer looks at the filename – in this case “Shoe-Rack-Holder-/Organizer-Wall-Mounted.gcode” – and says “Whoa! There’s no directory called ‘Shoe-Rack-Holder-’ and you don’t have permission to make a directory named that so we’re putting a stop to this whole thing!”

Access denied to remote resource: Server denied you to change to the given directory.

The issue is, ultimately, with BambuSlicer (and OrcaSlicer, by extension). Before any file transfer, they could easily go in and sanitize the project name by replacing any illegal characters ( \ / : * ? " < > | ) with legal ones like an underscore or hyphen. They already do it with spaces. It’s not hard.
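Here is roughly what that sanitization step could look like, as an added example (this is not OrcaSlicer’s or BambuSlicer’s code). The function names, the underscore replacement, the “untitled” fallback and the 200-character limit are all assumptions made for the illustration.

```python
import posixpath
import re

# The characters listed in the post, plus ASCII control characters.
_ILLEGAL = re.compile(r'[\\/:*?"<>|\x00-\x1f\x7f]')
_MAX_STEM = 200  # assumed limit; the printer's real limit is not known here


def remote_path_parts(name: str) -> tuple:
    """Split an upload name the way a POSIX-style server sees it: (dir, file)."""
    return posixpath.split(name)


def sanitize_project_name(title: str, ext: str = ".gcode") -> str:
    """Turn an untrusted metadata title into one safe file name component."""
    stem = _ILLEGAL.sub("_", title)            # separators and friends -> "_"
    stem = re.sub(r"\s+", "-", stem.strip())   # spaces -> hyphens, as described in the post
    stem = stem.strip(".-_")                   # a name can never end up as "." or ".."
    stem = stem[:_MAX_STEM] or "untitled"      # fallback when nothing usable is left
    name = stem + ext
    # Fail closed: whatever came in (including ext), the result must be
    # exactly one path component, never "directory/file".
    if posixpath.basename(name) != name or name in (".", ".."):
        raise ValueError(f"unsafe file name: {name!r}")
    return name


if __name__ == "__main__":
    # File name quoted in the post: the server sees a directory plus a file.
    print(remote_path_parts("Shoe-Rack-Holder-/Organizer-Wall-Mounted.gcode"))
    # Project title from the post, sanitized into a single component.
    print(sanitize_project_name("Shoe Rack Holder / Organizer Wall Mounted"))
    # Constructed edge cases: several illegal characters, and a title of only dots.
    print(sanitize_project_name('Lid: "draft" <v2>'))
    print(sanitize_project_name(".."))
```

The final check matters as much as the replacement: if a new separator or input path is ever missed, the upload is refused locally with a clear error instead of failing on the printer with an FTP code.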

Anyways, sanitize your inputs, folks.
