Skip to content

Fix HTTP headers when downloading files #2031

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
williamjallen merged 2 commits into from
Feb 14, 2024
Merged

Fix HTTP headers when downloading files #2031

williamjallen merged 2 commits into from
Feb 14, 2024

Conversation

@williamjallen
Copy link
Collaborator

@williamjallen williamjallen commented Feb 13, 2024

#1796 introduced the usage of Laravel's Storage::download() helper, which forced the browser to download all files by default. This change was inconvenient for many users who wanted to view simple text files.

This PR modifies the HTTP headers such that text files will be opened in the browser, and binary files will be downloaded in all major browsers. By setting the content-type to text/plain, the possibility of XSS attacks is mitigated.

@williamjallen williamjallen force-pushed the headers-for-downloaded-files branch from f6c039b to de8f047 Compare February 13, 2024 20:30
zackgalbreath
zackgalbreath requested changes Feb 14, 2024
View reviewed changes
Copy link
Contributor

@zackgalbreath zackgalbreath left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this suggested change will fix the failing test in CI

@williamjallen @zackgalbreath
Address requested changes
ccf0c83 
Co-authored-by: Zack Galbreath <zack.galbreath@kitware.com>
@williamjallen
Copy link
Collaborator Author

williamjallen commented Feb 14, 2024
edited
Loading

Merging manually due to open.cdash.org slowness...

@williamjallen williamjallen merged commit 4361f69 into Kitware:releases/3.2 Feb 14, 2024
@williamjallen williamjallen deleted the headers-for-downloaded-files branch February 14, 2024 18:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@zackgalbreath zackgalbreath zackgalbreath approved these changes

Assignees

No one assigned

Labels

release notes: fixes

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@williamjallen @zackgalbreath