Provide MD5 value of downloads to HTTP client

Content-MD5 is a HTTP header to provide end-to-end integrity checks
(see RFC2616, 14.15). This doesn't protect against malicious
modifications, but against transmissions errors and storage errors
on the server.

The change also removes one redirect when downloading files.
This commit is contained in:
Patrick Georgi 2011-07-24 22:12:36 +02:00
parent a016bcb51b
commit 945429abf0
2 changed files with 12 additions and 3 deletions

View File

@ -150,7 +150,7 @@ class IDF_Upload extends Pluf_Model
if ($this->id == '') {
$this->creation_dtime = gmdate('Y-m-d H:i:s');
$this->modif_dtime = gmdate('Y-m-d H:i:s');
$this->md5 = md5_file (Pluf::f('upload_path') . '/' . $this->get_project()->shortname . '/files/' . $this->file);
$this->md5 = md5_file ($this->getFullPath());
}
}
@ -167,6 +167,11 @@ class IDF_Upload extends Pluf_Model
return Pluf::f('url_upload').'/'.$project->shortname.'/files/'.$this->file;
}
function getFullPath()
{
return(Pluf::f('upload_path').'/'.$this->get_project()->shortname.'/files/'.$this->file);
}
/**
* We drop the information from the timeline.
*/

View File

@ -202,7 +202,11 @@ class IDF_Views_Download
$prj->inOr404($upload);
$upload->downloads += 1;
$upload->update();
return new Pluf_HTTP_Response_Redirect($upload->getAbsoluteUrl($prj));
$path = $upload->getFullPath();
$mime = IDF_FileUtil::getMimeType($path);
$render = new Pluf_HTTP_Response_File($path, $mime[0]);
$render->headers["Content-MD5"] = $upload->md5;
return $render;
}
/**