Nemcio/GitBucket
1
0
Fork 0
mirror of https://github.com/gitbucket/gitbucket.git synced 2025-11-03 03:55:58 +01:00
Code Issues Packages Projects Releases Wiki Activity

Render HTML as text/plain

Browse Source
This commit is contained in:
Naoki Takezoe
2018-06-12 20:02:49 +09:00
parent 2586b436cf
commit f1ffb25e43
5 changed files with 9 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/main/scala/gitbucket/core/controller/ControllerBase.scala
View File

@@ -254,7 +254,7 @@ abstract class ControllerBase
repository: RepositoryService.RepositoryInfo
): Unit = {
JGitUtil.getObjectLoaderFromId(git, objectId) { loader =>
contentType = FileUtil.getMimeType(path)
contentType = FileUtil.getSafeMimeType(path)
if (loader.isLarge) {
response.setContentLength(loader.getSize.toInt)

2
src/main/scala/gitbucket/core/controller/IssuesController.scala
View File

@@ -406,7 +406,7 @@ trait IssuesControllerBase extends ControllerBase {
case dir if (dir.exists && dir.isDirectory) =>
dir.listFiles.find(_.getName.startsWith(params("file") + ".")).map { file =>
response.setHeader("Content-Disposition", f"""inline; filename=${file.getName}""")
RawData(FileUtil.getMimeType(file.getName), file)
RawData(FileUtil.getSafeMimeType(file.getName), file)
}
case _ => None
}) getOrElse NotFound()

2
src/main/scala/gitbucket/core/controller/ReleasesController.scala
View File

@@ -79,7 +79,7 @@ trait ReleaseControllerBase extends ControllerBase {
} yield {
response.setHeader("Content-Disposition", s"attachment; filename=${asset.label}")
RawData(
FileUtil.getMimeType(asset.label),
FileUtil.getSafeMimeType(asset.label),
new File(getReleaseFilesDir(repository.owner, repository.name), FileUtil.checkFilename(tagName + "/" + fileId))
)
}).getOrElse(NotFound())

2
src/main/scala/gitbucket/core/servlet/PluginAssetsServlet.scala
View File

@@ -26,7 +26,7 @@ class PluginAssetsServlet extends HttpServlet {
try {
val bytes = IOUtils.toByteArray(in)
resp.setContentLength(bytes.length)
resp.setContentType(FileUtil.getContentType(path, bytes))
resp.setContentType(FileUtil.getMimeType(path, bytes))
resp.setHeader("Cache-Control", "max-age=3600")
resp.getOutputStream.write(bytes)
} finally {

6
src/main/scala/gitbucket/core/util/FileUtil.scala
View File

@@ -16,7 +16,7 @@ object FileUtil {
}
}
def getContentType(name: String, bytes: Array[Byte]): String = {
def getMimeType(name: String, bytes: Array[Byte]): String = {
defining(getMimeType(name)) { mimeType =>
if (mimeType == "application/octet-stream" && isText(bytes)) {
"text/plain"
@@ -26,6 +26,10 @@ object FileUtil {
}
}
def getSafeMimeType(name: String): String = {
getMimeType(name).replace("text/html", "text/plain")
}
def isImage(name: String): Boolean = getMimeType(name).startsWith("image/")
def isLarge(size: Long): Boolean = (size > 1024 * 1000)