Fix raw endpoint PDF file headers (#19825)
This commit is contained in:
parent
410df1fbd4
commit
65e0688a5c
2 changed files with 12 additions and 4 deletions
|
@ -17,8 +17,12 @@ import (
|
|||
// Use at most this many bytes to determine Content Type.
|
||||
const sniffLen = 1024
|
||||
|
||||
const (
|
||||
// SvgMimeType MIME type of SVG images.
|
||||
const SvgMimeType = "image/svg+xml"
|
||||
SvgMimeType = "image/svg+xml"
|
||||
// ApplicationOctetStream MIME type of binary files.
|
||||
ApplicationOctetStream = "application/octet-stream"
|
||||
)
|
||||
|
||||
var (
|
||||
svgTagRegex = regexp.MustCompile(`(?si)\A\s*(?:(<!--.*?-->|<!DOCTYPE\s+svg([\s:]+.*?>|>))\s*)*<svg[\s>\/]`)
|
||||
|
|
|
@ -88,10 +88,14 @@ func ServeData(ctx *context.Context, name string, size int64, reader io.Reader)
|
|||
}
|
||||
if (st.IsImage() || st.IsPDF()) && (setting.UI.SVG.Enabled || !st.IsSvgImage()) {
|
||||
ctx.Resp.Header().Set("Content-Disposition", fmt.Sprintf(`inline; filename="%s"`, name))
|
||||
if st.IsSvgImage() {
|
||||
if st.IsSvgImage() || st.IsPDF() {
|
||||
ctx.Resp.Header().Set("Content-Security-Policy", "default-src 'none'; style-src 'unsafe-inline'; sandbox")
|
||||
ctx.Resp.Header().Set("X-Content-Type-Options", "nosniff")
|
||||
if st.IsSvgImage() {
|
||||
ctx.Resp.Header().Set("Content-Type", typesniffer.SvgMimeType)
|
||||
} else {
|
||||
ctx.Resp.Header().Set("Content-Type", typesniffer.ApplicationOctetStream)
|
||||
}
|
||||
}
|
||||
} else {
|
||||
ctx.Resp.Header().Set("Content-Disposition", fmt.Sprintf(`attachment; filename="%s"`, name))
|
||||
|
|
Loading…
Reference in a new issue