# Set action base paths so that WebRequest::getPathInfo()
# recognizes the "X" as the 'title' in ../img_auth.php/X urls.
$wgArticlePath = false; # Don't let a "/*" article path clober our action path
-$wgActionPaths = array( "$wgUploadPath/" );
+$wgActionPaths = [ "$wgUploadPath/" ];
wfImageAuthMain();
global $wgImgAuthUrlPathMap;
$request = RequestContext::getMain()->getRequest();
- $publicWiki = in_array( 'read', User::getGroupPermissions( array( '*' ) ), true );
+ $publicWiki = in_array( 'read', User::getGroupPermissions( [ '*' ] ), true );
// Get the requested file path (source file or thumbnail)
$matches = WebRequest::getPathInfo();
$path = "/" . $path;
}
- // Check for bug 28235: QUERY_STRING overriding the correct extension
- $whitelist = array();
+ // Check for T30235: QUERY_STRING overriding the correct extension
+ $whitelist = [];
$extension = FileBackend::extensionFromPath( $path, 'rawcase' );
if ( $extension != '' ) {
$whitelist[] = $extension;
wfForbidden( 'img-auth-accessdenied', 'img-auth-noread', $path );
return;
}
- if ( $be->fileExists( array( 'src' => $filename ) ) ) {
+ if ( $be->fileExists( [ 'src' => $filename ] ) ) {
wfDebugLog( 'img_auth', "Streaming `" . $filename . "`." );
- $be->streamFile( array( 'src' => $filename ),
- array( 'Cache-Control: private', 'Vary: Cookie' ) );
+ $be->streamFile( [ 'src' => $filename ],
+ [ 'Cache-Control: private', 'Vary: Cookie' ] );
} else {
wfForbidden( 'img-auth-accessdenied', 'img-auth-nofile', $path );
}
}
}
- $headers = array(); // extra HTTP headers to send
+ $headers = []; // extra HTTP headers to send
+
+ $title = Title::makeTitleSafe( NS_FILE, $name );
if ( !$publicWiki ) {
// For private wikis, run extra auth checks and set cache control headers
- $headers[] = 'Cache-Control: private';
- $headers[] = 'Vary: Cookie';
+ $headers['Cache-Control'] = 'private';
+ $headers['Vary'] = 'Cookie';
- $title = Title::makeTitleSafe( NS_FILE, $name );
if ( !$title instanceof Title ) { // files have valid titles
wfForbidden( 'img-auth-accessdenied', 'img-auth-badtitle', $name );
return;
// Run hook for extension authorization plugins
/** @var $result array */
$result = null;
- if ( !Hooks::run( 'ImgAuthBeforeStream', array( &$title, &$path, &$name, &$result ) ) ) {
+ if ( !Hooks::run( 'ImgAuthBeforeStream', [ &$title, &$path, &$name, &$result ] ) ) {
wfForbidden( $result[0], $result[1], array_slice( $result, 2 ) );
return;
}
}
}
+ if ( isset( $_SERVER['HTTP_RANGE'] ) ) {
+ $headers['Range'] = $_SERVER['HTTP_RANGE'];
+ }
+ if ( isset( $_SERVER['HTTP_IF_MODIFIED_SINCE'] ) ) {
+ $headers['If-Modified-Since'] = $_SERVER['HTTP_IF_MODIFIED_SINCE'];
+ }
+
if ( $request->getCheck( 'download' ) ) {
- $headers[] = 'Content-Disposition: attachment';
+ $headers['Content-Disposition'] = 'attachment';
}
+ // Allow modification of headers before streaming a file
+ Hooks::run( 'ImgAuthModifyHeaders', [ $title->getTitleValue(), &$headers ] );
+
// Stream the requested file
+ list( $headers, $options ) = HTTPFileStreamer::preprocessHeaders( $headers );
wfDebugLog( 'img_auth', "Streaming `" . $filename . "`." );
- $repo->streamFile( $filename, $headers );
+ $repo->streamFile( $filename, $headers, $options );
}
/**
wfMessage( $msg2, $args )->inLanguage( 'en' )->text()
);
- header( 'HTTP/1.0 403 Forbidden' );
+ HttpStatus::header( 403 );
header( 'Cache-Control: no-cache' );
header( 'Content-Type: text/html; charset=utf-8' );
echo <<<ENDS