use Psr\Http\Message\ServerRequestInterface;
use Psr\Http\Server\RequestHandlerInterface;
use wcf\data\file\File;
+use wcf\http\ContentDisposition;
use wcf\http\Helper;
use wcf\system\exception\IllegalLinkException;
use wcf\system\exception\PermissionDeniedException;
);
$mimeType = FileUtil::getMimeType($filename);
-
- // TODO: This should use `FileReader` instead.
-
- $inlineMimeTypes = [
+ $contentDisposition = match ($mimeType) {
'image/gif',
'image/jpeg',
'image/png',
'image/x-png',
'application/pdf',
'image/pjpeg',
- 'image/webp',
- ];
-
- $dispositionType = \in_array($mimeType, $inlineMimeTypes) ? 'inline' : 'attachment';
+ 'image/webp' => ContentDisposition::Inline,
+ default => ContentDisposition::Attachment,
+ };
return $response->withHeader('content-type', $mimeType)
->withHeader(
'content-disposition',
- \sprintf(
- '%s; filename="%s"',
- $dispositionType,
- $file->filename,
- ),
+ $contentDisposition->forFilename($file->filename),
);
}
}
*/
public function migrateStorage()
{
- foreach ([$this->getLocation(), $this->getThumbnailLocation(), $this->getThumbnailLocation('tiny'),] as $location) {
+ foreach ([
+ $this->getLocation(),
+ $this->getThumbnailLocation(),
+ $this->getThumbnailLocation('tiny'),
+ ] as $location) {
if (!\str_ends_with($location, '.bin')) {
\rename($location, $location . '.bin');
}
use wcf\system\file\processor\FileProcessor;
use wcf\system\file\processor\IFileProcessor;
use wcf\system\request\LinkHandler;
+use wcf\util\JSON;
use wcf\util\StringUtil;
/**
StringUtil::encodeHTML($this->filename),
$this->fileSize,
StringUtil::encodeHTML($this->mimeType),
- StringUtil::encodeHTML(\json_encode($thumbnails)),
- StringUtil::encodeHTML(\json_encode($metaData)),
+ StringUtil::encodeHTML(JSON::encode($thumbnails)),
+ StringUtil::encodeHTML(JSON::encode($metaData)),
StringUtil::encodeHTML($this->getLink()),
);
}
}
if (\str_contains($filename, '.')) {
- $fileExtension = \mb_substr(
- $filename,
- \mb_strrpos($filename, '.') + 1
- );
-
+ $fileExtension = \pathinfo($filename, \PATHINFO_EXTENSION);
if (isset(self::SAFE_FILE_EXTENSIONS[$fileExtension])) {
return $fileExtension;
}
public function hasChunk(int $sequenceNo): bool
{
+ if ($sequenceNo > \strlen($this->chunks)) {
+ throw new \OutOfRangeException(
+ \sprintf(
+ "Cannot access chunk #%d of %d",
+ $sequenceNo,
+ \strlen($this->chunks),
+ ),
+ );
+ }
+
return $this->chunks[$sequenceNo] === '1';
}
public function __invoke(ServerRequestInterface $request, array $variables): ResponseInterface
{
- $checksum = \current($request->getHeader('chunk-checksum-sha256'));
- if ($checksum === false) {
+ $checksum = $request->getHeaderLine('chunk-checksum-sha256');
+ if ($checksum === '' || \str_contains($checksum, ',')) {
+ // Reject a missing header of multiple values provided by the client.
throw new UserInputException('chunk-checksum-sha256');
}
projects / GitHub / WoltLab / WCF.git / commitdiff