FIX: add 'Content-Length' header for avatars

Régis Hanol 2014-10-22 15:39:51 +02:00
parent 6c58cb982a
commit de415b804c
3 changed files with 10 additions and 13 deletions


@ -77,13 +77,12 @@ class StaticController < ApplicationController
end
skip_before_filter :verify_authenticity_token, only: [:cdn_asset]
def cdn_asset
path = File.expand_path(Rails.root + "public/assets/" + params[:path])
# SECURITY what if path has /../
unless path.start_with?(Rails.root.to_s + "/public/assets")
raise Discourse::NotFound
end
raise Discourse::NotFound unless path.start_with?(Rails.root.to_s + "/public/assets")
expires_in 1.year, public: true
@ -96,10 +95,8 @@ class StaticController < ApplicationController
rescue Errno::ENOENT
raise Discourse::NotFound
end
opts = {
disposition: nil
}
opts = { disposition: nil }
opts[:type] = "application/javascript" if path =~ /\.js$/
# we must disable acceleration otherwise NGINX strips
@ -107,4 +104,5 @@ class StaticController < ApplicationController
request.env['sendfile.type'] = ''
send_file(path, opts)
end
end
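Review bot: The containment check in `cdn_asset` compares against `Rails.root.to_s + "/public/assets"` with no trailing separator, so once `File.expand_path` has normalised any `..`, a path that resolves into a sibling directory whose name merely begins with `assets` still passes. Comparing against the directory plus its separator closes that gap: `raise Discourse::NotFound unless path.start_with?(Rails.root.to_s + "/public/assets/")`. In the second hunk, `path =~ /\.js$/` would be better anchored with `\z`, because `$` also matches before a newline. The part of `cdn_asset` between the hunks is not visible here, so this assumes no further check is applied there.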


@ -24,12 +24,12 @@ class UserAvatarsController < ApplicationController
params.require(:version)
params.require(:size)
if params[:version].to_i > LetterAvatar::VERSION
return render_dot
end
return render_dot if params[:version].to_i > LetterAvatar::VERSION
image = LetterAvatar.generate(params[:username].to_s, params[:size].to_i)
response.headers["Last-Modified"] = File.ctime(image).httpdate
response.headers["Content-Length"] = File.size(image).to_s
expires_in 1.year, public: true
send_file image, disposition: nil
end
@ -77,6 +77,7 @@ class UserAvatarsController < ApplicationController
if image
response.headers["Last-Modified"] = File.ctime(image).httpdate
response.headers["Content-Length"] = File.size(image).to_s
expires_in 1.year, public: true
send_file image, disposition: nil
else
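Review bot: The letter-avatar action in the first hunk passes `params[:size].to_i` to `LetterAvatar.generate` with no range check, and the `letter_avatar` route in the routes file puts no constraint on `:size`. Unless `generate` clamps the value internally (not visible here), the dimensions of the generated image are caller-controlled. A guard before generation would bound that, for example `return render_dot unless (1..MAX_AVATAR_SIZE).cover?(params[:size].to_i)`, where `MAX_AVATAR_SIZE` is a placeholder for a limit the project would define. The first hunk also calls `File.ctime` and the new `File.size` on `image` without the `if image` guard that the second hunk has, so a missing file would raise instead of falling back. The method around the second hunk continues past the `else`, outside this view.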


@ -253,10 +253,8 @@ Discourse::Application.routes.draw do
get "users/:username/badges_json" => "user_badges#username"
post "user_avatar/:username/refresh_gravatar" => "user_avatars#refresh_gravatar"
get "letter_avatar/:username/:size/:version.png" => "user_avatars#show_letter",
format: false, constraints: {hostname: /[\w\.-]+/}
get "user_avatar/:hostname/:username/:size/:version.png" => "user_avatars#show",
format: false, constraints: {hostname: /[\w\.-]+/}
get "letter_avatar/:username/:size/:version.png" => "user_avatars#show_letter", format: false, constraints: { hostname: /[\w\.-]+/ }
get "user_avatar/:hostname/:username/:size/:version.png" => "user_avatars#show", format: false, constraints: { hostname: /[\w\.-]+/ }
get "uploads/:site/:id/:sha.:extension" => "uploads#show", constraints: {site: /\w+/, id: /\d+/, sha: /[a-z0-9]{15,16}/i, extension: /\w{2,}/}
get "uploads/:site/:sha" => "uploads#show", constraints: { site: /\w+/, sha: /[a-z0-9]{40}/}