if ( strpos( $path, $prefix ) === 0 ) {
$be = FileBackendGroup::singleton()->backendFromPath( $storageDir );
$filename = $storageDir . substr( $path, strlen( $prefix ) ); // strip prefix
- // Check basic user authorization
- if ( !RequestContext::getMain()->getUser()->isAllowed( 'read' ) ) {
- wfForbidden( 'img-auth-accessdenied', 'img-auth-noread', $path );
- return;
- }
+ // Check basic user authorization
+ if ( !RequestContext::getMain()->getUser()->isAllowed( 'read' ) ) {
+ wfForbidden( 'img-auth-accessdenied', 'img-auth-noread', $path );
+ return;
+ }
if ( $be->fileExists( array( 'src' => $filename ) ) ) {
wfDebugLog( 'img_auth', "Streaming `" . $filename . "`." );
$be->streamFile( array( 'src' => $filename ),
return;
}
+ if ( $wgRequest->getCheck( 'download' ) ) {
+ header( 'Content-Disposition: attachment' );
+ }
+
// Stream the requested file
wfDebugLog( 'img_auth', "Streaming `" . $filename . "`." );
$repo->streamFile( $filename, array( 'Cache-Control: private', 'Vary: Cookie' ) );
* Issue a standard HTTP 403 Forbidden header ($msg1-a message index, not a message) and an
* error message ($msg2, also a message index), (both required) then end the script
* subsequent arguments to $msg2 will be passed as parameters only for replacing in $msg2
- * @param $msg1
- * @param $msg2
+ * @param string $msg1
+ * @param string $msg2
*/
function wfForbidden( $msg1, $msg2 ) {
global $wgImgAuthDetails;