dépôts
/
lhc
/
web
/
wiklou.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Add ImgAuthModifyHeaders hook to img_auth.php to modify headers
[lhc/web/wiklou.git]
/
img_auth.php
diff --git
a/img_auth.php
b/img_auth.php
index
d636188
..
70570d8
100644
(file)
--- a/
img_auth.php
+++ b/
img_auth.php
@@
-68,7
+68,7
@@
function wfImageAuthMain() {
$path = "/" . $path;
}
$path = "/" . $path;
}
- // Check for
bug 28
235: QUERY_STRING overriding the correct extension
+ // Check for
T30
235: QUERY_STRING overriding the correct extension
$whitelist = [];
$extension = FileBackend::extensionFromPath( $path, 'rawcase' );
if ( $extension != '' ) {
$whitelist = [];
$extension = FileBackend::extensionFromPath( $path, 'rawcase' );
if ( $extension != '' ) {
@@
-135,12
+135,13
@@
function wfImageAuthMain() {
$headers = []; // extra HTTP headers to send
$headers = []; // extra HTTP headers to send
+ $title = Title::makeTitleSafe( NS_FILE, $name );
+
if ( !$publicWiki ) {
// For private wikis, run extra auth checks and set cache control headers
if ( !$publicWiki ) {
// For private wikis, run extra auth checks and set cache control headers
- $headers[
] = 'Cache-Control:
private';
- $headers[
] = 'Vary:
Cookie';
+ $headers[
'Cache-Control'] = '
private';
+ $headers[
'Vary'] = '
Cookie';
- $title = Title::makeTitleSafe( NS_FILE, $name );
if ( !$title instanceof Title ) { // files have valid titles
wfForbidden( 'img-auth-accessdenied', 'img-auth-badtitle', $name );
return;
if ( !$title instanceof Title ) { // files have valid titles
wfForbidden( 'img-auth-accessdenied', 'img-auth-badtitle', $name );
return;
@@
-162,13
+163,24
@@
function wfImageAuthMain() {
}
}
}
}
+ if ( isset( $_SERVER['HTTP_RANGE'] ) ) {
+ $headers['Range'] = $_SERVER['HTTP_RANGE'];
+ }
+ if ( isset( $_SERVER['HTTP_IF_MODIFIED_SINCE'] ) ) {
+ $headers['If-Modified-Since'] = $_SERVER['HTTP_IF_MODIFIED_SINCE'];
+ }
+
if ( $request->getCheck( 'download' ) ) {
if ( $request->getCheck( 'download' ) ) {
- $headers[
] = 'Content-Disposition:
attachment';
+ $headers[
'Content-Disposition'] = '
attachment';
}
}
+ // Allow modification of headers before streaming a file
+ Hooks::run( 'ImgAuthModifyHeaders', [ $title->getTitleValue(), &$headers ] );
+
// Stream the requested file
// Stream the requested file
+ list( $headers, $options ) = HTTPFileStreamer::preprocessHeaders( $headers );
wfDebugLog( 'img_auth', "Streaming `" . $filename . "`." );
wfDebugLog( 'img_auth', "Streaming `" . $filename . "`." );
- $repo->streamFile( $filename, $headers );
+ $repo->streamFile( $filename, $headers
, $options
);
}
/**
}
/**