Set X-Sendfile Header Only for Local Proxy Requests

If the request.remote_addr is not LOCALHOST, don't set the
X-Sendfile header.
This commit is contained in:
Jacques Distler 2009-03-05 12:14:03 -06:00
parent 9ff1e82211
commit 13d096c688
2 changed files with 15 additions and 1 deletions

View file

@ -85,7 +85,7 @@ class ApplicationController < ActionController::Base
original_options[:type] ||= (FILE_TYPES[File.extname(file_name)] or 'application/octet-stream') original_options[:type] ||= (FILE_TYPES[File.extname(file_name)] or 'application/octet-stream')
original_options[:disposition] ||= (DISPOSITION[original_options[:type]] or 'attachment') original_options[:disposition] ||= (DISPOSITION[original_options[:type]] or 'attachment')
original_options[:stream] ||= false original_options[:stream] ||= false
original_options[:x_sendfile] = true if request.env.include?('HTTP_X_SENDFILE_TYPE') original_options[:x_sendfile] = true if request.env.include?('HTTP_X_SENDFILE_TYPE') && request.remote_addr == LOCALHOST
original_options original_options
end end

View file

@ -85,6 +85,7 @@ class FileControllerTest < ActionController::TestCase
pic = File.open("#{RAILS_ROOT}/test/fixtures/rails.gif", 'rb') { |f| f.read } pic = File.open("#{RAILS_ROOT}/test/fixtures/rails.gif", 'rb') { |f| f.read }
@web.wiki_files.create(:file_name => 'rails.gif', :description => 'An image', :content => pic) @web.wiki_files.create(:file_name => 'rails.gif', :description => 'An image', :content => pic)
@request.env.update({ 'HTTP_X_SENDFILE_TYPE' => 'foo' }) @request.env.update({ 'HTTP_X_SENDFILE_TYPE' => 'foo' })
@request.remote_addr = '127.0.0.1'
r = get :file, :web => 'wiki1', :id => 'rails.gif' r = get :file, :web => 'wiki1', :id => 'rails.gif'
assert_response(:success, bypass_body_parsing = true) assert_response(:success, bypass_body_parsing = true)
@ -93,6 +94,19 @@ class FileControllerTest < ActionController::TestCase
assert_equal 'inline; filename="rails.gif"', r.headers['Content-Disposition'] assert_equal 'inline; filename="rails.gif"', r.headers['Content-Disposition']
end end
def test_pic_x_sendfile_type_nonlocal
pic = File.open("#{RAILS_ROOT}/test/fixtures/rails.gif", 'rb') { |f| f.read }
@web.wiki_files.create(:file_name => 'rails.gif', :description => 'An image', :content => pic)
@request.env.update({ 'HTTP_X_SENDFILE_TYPE' => 'foo' })
r = get :file, :web => 'wiki1', :id => 'rails.gif'
assert_response(:success, bypass_body_parsing = true)
assert_equal 'image/gif', r.headers['Content-Type']
assert_equal pic.size, r.body.size
assert_equal pic, r.body
assert_equal 'inline; filename="rails.gif"', r.headers['Content-Disposition']
end
def test_pic_unknown_pic def test_pic_unknown_pic
r = get :file, :web => 'wiki1', :id => 'non-existant.gif' r = get :file, :web => 'wiki1', :id => 'non-existant.gif'