diff options
author | Carlos Tadeu Panato Junior <ctadeu@gmail.com> | 2017-04-20 17:34:07 +0200 |
---|---|---|
committer | George Goldberg <george@gberg.me> | 2017-04-20 16:34:07 +0100 |
commit | c94754e94f9cf590c595f071fe3b4e53f1eb94e3 (patch) | |
tree | 26bbc1053917fa63bca35c3e7ac343ad6f938475 /api4/file.go | |
parent | 4a49dec7ade2672a861647f508e6611cbade3905 (diff) | |
download | chat-c94754e94f9cf590c595f071fe3b4e53f1eb94e3.tar.gz chat-c94754e94f9cf590c595f071fe3b4e53f1eb94e3.tar.bz2 chat-c94754e94f9cf590c595f071fe3b4e53f1eb94e3.zip |
[PLT-6288] add way to view in the browser and not download in apiV4 (#6062)
* add way to view in the browser and not download
* add DetectContentType to get the contenttype for the file
* update per review
Diffstat (limited to 'api4/file.go')
-rw-r--r-- | api4/file.go | 59 |
1 files changed, 49 insertions, 10 deletions
diff --git a/api4/file.go b/api4/file.go index de1ce454d..6bd751a67 100644 --- a/api4/file.go +++ b/api4/file.go @@ -22,10 +22,10 @@ func InitFile() { l4g.Debug(utils.T("api.file.init.debug")) BaseRoutes.Files.Handle("", ApiSessionRequired(uploadFile)).Methods("POST") - BaseRoutes.File.Handle("", ApiSessionRequired(getFile)).Methods("GET") - BaseRoutes.File.Handle("/thumbnail", ApiSessionRequired(getFileThumbnail)).Methods("GET") + BaseRoutes.File.Handle("", ApiSessionRequiredTrustRequester(getFile)).Methods("GET") + BaseRoutes.File.Handle("/thumbnail", ApiSessionRequiredTrustRequester(getFileThumbnail)).Methods("GET") BaseRoutes.File.Handle("/link", ApiSessionRequired(getFileLink)).Methods("GET") - BaseRoutes.File.Handle("/preview", ApiSessionRequired(getFilePreview)).Methods("GET") + BaseRoutes.File.Handle("/preview", ApiSessionRequiredTrustRequester(getFilePreview)).Methods("GET") BaseRoutes.File.Handle("/info", ApiSessionRequired(getFileInfo)).Methods("GET") BaseRoutes.PublicFile.Handle("", ApiHandler(getPublicFile)).Methods("GET") @@ -78,6 +78,11 @@ func getFile(c *Context, w http.ResponseWriter, r *http.Request) { return } + toDownload, failConv := strconv.ParseBool(r.URL.Query().Get("download")) + if failConv != nil { + toDownload = false + } + info, err := app.GetFileInfo(c.Params.FileId) if err != nil { c.Err = err @@ -89,10 +94,30 @@ func getFile(c *Context, w http.ResponseWriter, r *http.Request) { return } - if data, err := app.ReadFile(info.Path); err != nil { + data, err := app.ReadFile(info.Path) + if err != nil { c.Err = err c.Err.StatusCode = http.StatusNotFound - } else if err := writeFileResponse(info.Name, info.MimeType, data, w, r); err != nil { + return + } + + contentTypeToCheck := []string{"image/jpeg", "image/png", "image/bmp", "image/gif", + "video/avi", "video/mpeg", "audio/mpeg3", "audio/wav"} + + contentType := http.DetectContentType(data) + foundContentType := false + for _, contentTypeFromList := range contentTypeToCheck { + if contentType == contentTypeFromList && toDownload == false { + foundContentType = true + break + } + } + if !foundContentType { + toDownload = true + } + + err = writeFileResponse(info.Name, info.MimeType, data, toDownload, w, r) + if err != nil { c.Err = err return } @@ -104,6 +129,11 @@ func getFileThumbnail(c *Context, w http.ResponseWriter, r *http.Request) { return } + toDownload, failConv := strconv.ParseBool(r.URL.Query().Get("download")) + if failConv != nil { + toDownload = false + } + info, err := app.GetFileInfo(c.Params.FileId) if err != nil { c.Err = err @@ -124,7 +154,7 @@ func getFileThumbnail(c *Context, w http.ResponseWriter, r *http.Request) { if data, err := app.ReadFile(info.ThumbnailPath); err != nil { c.Err = err c.Err.StatusCode = http.StatusNotFound - } else if err := writeFileResponse(info.Name, info.MimeType, data, w, r); err != nil { + } else if err := writeFileResponse(info.Name, info.MimeType, data, toDownload, w, r); err != nil { c.Err = err return } @@ -171,6 +201,11 @@ func getFilePreview(c *Context, w http.ResponseWriter, r *http.Request) { return } + toDownload, failConv := strconv.ParseBool(r.URL.Query().Get("download")) + if failConv != nil { + toDownload = false + } + info, err := app.GetFileInfo(c.Params.FileId) if err != nil { c.Err = err @@ -191,7 +226,7 @@ func getFilePreview(c *Context, w http.ResponseWriter, r *http.Request) { if data, err := app.ReadFile(info.PreviewPath); err != nil { c.Err = err c.Err.StatusCode = http.StatusNotFound - } else if err := writeFileResponse(info.Name, info.MimeType, data, w, r); err != nil { + } else if err := writeFileResponse(info.Name, info.MimeType, data, toDownload, w, r); err != nil { c.Err = err return } @@ -253,13 +288,13 @@ func getPublicFile(c *Context, w http.ResponseWriter, r *http.Request) { if data, err := app.ReadFile(info.Path); err != nil { c.Err = err c.Err.StatusCode = http.StatusNotFound - } else if err := writeFileResponse(info.Name, info.MimeType, data, w, r); err != nil { + } else if err := writeFileResponse(info.Name, info.MimeType, data, true, w, r); err != nil { c.Err = err return } } -func writeFileResponse(filename string, contentType string, bytes []byte, w http.ResponseWriter, r *http.Request) *model.AppError { +func writeFileResponse(filename string, contentType string, bytes []byte, toDownload bool, w http.ResponseWriter, r *http.Request) *model.AppError { w.Header().Set("Cache-Control", "max-age=2592000, public") w.Header().Set("Content-Length", strconv.Itoa(len(bytes))) @@ -269,7 +304,11 @@ func writeFileResponse(filename string, contentType string, bytes []byte, w http w.Header().Del("Content-Type") // Content-Type will be set automatically by the http writer } - w.Header().Set("Content-Disposition", "attachment;filename=\""+filename+"\"; filename*=UTF-8''"+url.QueryEscape(filename)) + if toDownload { + w.Header().Set("Content-Disposition", "attachment;filename=\""+filename+"\"; filename*=UTF-8''"+url.QueryEscape(filename)) + } else { + w.Header().Set("Content-Disposition", "inline;filename=\""+filename+"\"; filename*=UTF-8''"+url.QueryEscape(filename)) + } // prevent file links from being embedded in iframes w.Header().Set("X-Frame-Options", "DENY") |