dépôts
/
lhc
/
web
/
wiklou.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
+extension/Scribunto
[lhc/web/wiklou.git]
/
img_auth.php
diff --git
a/img_auth.php
b/img_auth.php
index
d636188
..
2caf57a
100644
(file)
--- a/
img_auth.php
+++ b/
img_auth.php
@@
-68,7
+68,7
@@
function wfImageAuthMain() {
$path = "/" . $path;
}
$path = "/" . $path;
}
- // Check for
bug 28
235: QUERY_STRING overriding the correct extension
+ // Check for
T30
235: QUERY_STRING overriding the correct extension
$whitelist = [];
$extension = FileBackend::extensionFromPath( $path, 'rawcase' );
if ( $extension != '' ) {
$whitelist = [];
$extension = FileBackend::extensionFromPath( $path, 'rawcase' );
if ( $extension != '' ) {
@@
-92,8
+92,10
@@
function wfImageAuthMain() {
}
if ( $be->fileExists( [ 'src' => $filename ] ) ) {
wfDebugLog( 'img_auth', "Streaming `" . $filename . "`." );
}
if ( $be->fileExists( [ 'src' => $filename ] ) ) {
wfDebugLog( 'img_auth', "Streaming `" . $filename . "`." );
- $be->streamFile( [ 'src' => $filename ],
- [ 'Cache-Control: private', 'Vary: Cookie' ] );
+ $be->streamFile( [
+ 'src' => $filename,
+ 'headers' => [ 'Cache-Control: private', 'Vary: Cookie' ]
+ ] );
} else {
wfForbidden( 'img-auth-accessdenied', 'img-auth-nofile', $path );
}
} else {
wfForbidden( 'img-auth-accessdenied', 'img-auth-nofile', $path );
}
@@
-135,12
+137,13
@@
function wfImageAuthMain() {
$headers = []; // extra HTTP headers to send
$headers = []; // extra HTTP headers to send
+ $title = Title::makeTitleSafe( NS_FILE, $name );
+
if ( !$publicWiki ) {
// For private wikis, run extra auth checks and set cache control headers
if ( !$publicWiki ) {
// For private wikis, run extra auth checks and set cache control headers
- $headers[
] = 'Cache-Control:
private';
- $headers[
] = 'Vary:
Cookie';
+ $headers[
'Cache-Control'] = '
private';
+ $headers[
'Vary'] = '
Cookie';
- $title = Title::makeTitleSafe( NS_FILE, $name );
if ( !$title instanceof Title ) { // files have valid titles
wfForbidden( 'img-auth-accessdenied', 'img-auth-badtitle', $name );
return;
if ( !$title instanceof Title ) { // files have valid titles
wfForbidden( 'img-auth-accessdenied', 'img-auth-badtitle', $name );
return;
@@
-162,13
+165,24
@@
function wfImageAuthMain() {
}
}
}
}
+ if ( isset( $_SERVER['HTTP_RANGE'] ) ) {
+ $headers['Range'] = $_SERVER['HTTP_RANGE'];
+ }
+ if ( isset( $_SERVER['HTTP_IF_MODIFIED_SINCE'] ) ) {
+ $headers['If-Modified-Since'] = $_SERVER['HTTP_IF_MODIFIED_SINCE'];
+ }
+
if ( $request->getCheck( 'download' ) ) {
if ( $request->getCheck( 'download' ) ) {
- $headers[
] = 'Content-Disposition:
attachment';
+ $headers[
'Content-Disposition'] = '
attachment';
}
}
+ // Allow modification of headers before streaming a file
+ Hooks::run( 'ImgAuthModifyHeaders', [ $title->getTitleValue(), &$headers ] );
+
// Stream the requested file
// Stream the requested file
+ list( $headers, $options ) = HTTPFileStreamer::preprocessHeaders( $headers );
wfDebugLog( 'img_auth', "Streaming `" . $filename . "`." );
wfDebugLog( 'img_auth', "Streaming `" . $filename . "`." );
- $repo->streamFile( $filename, $headers );
+ $repo->streamFile( $filename, $headers
, $options
);
}
/**
}
/**