Permalink
Browse files

fix(files): file service now sends 304 and 403 headers more reliably

File service now checks if file has been deleted or modified before sending 304 headers.

File service now strips -gzip suffixes from headers to send correct 304 headers for
deflated file types.

Fixes #9571
  • Loading branch information...
hypeJunction committed Mar 28, 2016
1 parent 75d0b1e commit c9af179092be61e50acc17603a8fbf3dd9e22272
Showing with 13 additions and 6 deletions.
  1. +13 −6 engine/classes/Elgg/Application/ServeFileHandler.php
@@ -62,12 +62,6 @@ public function getResponse(Request $request) {
return $response->setStatusCode(403)->setContent('URL has expired');
}
- $etag = '"' . $last_updated . '"';
- $response->setPublic()->setEtag($etag);
- if ($response->isNotModified($request)) {
- return $response;
- }
-
$hmac_data = array(
'expires' => (int) $expires,
'last_updated' => (int) $last_updated,
@@ -97,6 +91,18 @@ public function getResponse(Request $request) {
return $response->setStatusCode(403)->setContent('URL has expired');
}
+ $if_none_match = $request->headers->get('if_none_match');
+ if (!empty($if_none_match)) {
+ // strip mod_deflate suffixes
+ $request->headers->set('if_none_match', str_replace('-gzip', '', $if_none_match));
+ }
+
+ $etag = '"' . $last_updated . '"';
+ $response->setPublic()->setEtag($etag);
+ if ($response->isNotModified($request)) {
+ return $response;
+ }
+
$public = $use_cookie ? false : true;
$content_disposition = $disposition == 'i' ? 'inline' : 'attachment';
@@ -127,4 +133,5 @@ private function getCookieValue(Request $request) {
$session_name = $config['session']['name'];
return $request->cookies->get($session_name, '');
}
+
}

0 comments on commit c9af179

Please sign in to comment.