Fix download over SSL using IE < 8 and binary file response
This commit is contained in:
parent
972bde73ce
commit
4c51ec7866
@ -166,6 +166,8 @@ class BinaryFileResponse extends Response
|
|||||||
$this->setProtocolVersion('1.1');
|
$this->setProtocolVersion('1.1');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
$this->ensureIEOverSSLCompatibility($request);
|
||||||
|
|
||||||
$this->offset = 0;
|
$this->offset = 0;
|
||||||
$this->maxlen = -1;
|
$this->maxlen = -1;
|
||||||
|
|
||||||
|
@ -253,15 +253,7 @@ class Response
|
|||||||
$this->headers->set('expires', -1);
|
$this->headers->set('expires', -1);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
$this->ensureIEOverSSLCompatibility($request);
|
||||||
* Check if we need to remove Cache-Control for ssl encrypted downloads when using IE < 9
|
|
||||||
* @link http://support.microsoft.com/kb/323308
|
|
||||||
*/
|
|
||||||
if (false !== stripos($this->headers->get('Content-Disposition'), 'attachment') && preg_match('/MSIE (.*?);/i', $request->server->get('HTTP_USER_AGENT'), $match) == 1 && true === $request->isSecure()) {
|
|
||||||
if (intval(preg_replace("/(MSIE )(.*?);/", "$2", $match[0])) < 9) {
|
|
||||||
$this->headers->remove('Cache-Control');
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
return $this;
|
return $this;
|
||||||
}
|
}
|
||||||
@ -1179,4 +1171,18 @@ class Response
|
|||||||
{
|
{
|
||||||
return in_array($this->statusCode, array(201, 204, 304));
|
return in_array($this->statusCode, array(201, 204, 304));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Check if we need to remove Cache-Control for ssl encrypted downloads when using IE < 9
|
||||||
|
*
|
||||||
|
* @link http://support.microsoft.com/kb/323308
|
||||||
|
*/
|
||||||
|
protected function ensureIEOverSSLCompatibility(Request $request)
|
||||||
|
{
|
||||||
|
if (false !== stripos($this->headers->get('Content-Disposition'), 'attachment') && preg_match('/MSIE (.*?);/i', $request->server->get('HTTP_USER_AGENT'), $match) == 1 && true === $request->isSecure()) {
|
||||||
|
if (intval(preg_replace("/(MSIE )(.*?);/", "$2", $match[0])) < 9) {
|
||||||
|
$this->headers->remove('Cache-Control');
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
@ -15,7 +15,7 @@ use Symfony\Component\HttpFoundation\BinaryFileResponse;
|
|||||||
use Symfony\Component\HttpFoundation\Request;
|
use Symfony\Component\HttpFoundation\Request;
|
||||||
use Symfony\Component\HttpFoundation\ResponseHeaderBag;
|
use Symfony\Component\HttpFoundation\ResponseHeaderBag;
|
||||||
|
|
||||||
class BinaryFileResponseTest extends \PHPUnit_Framework_TestCase
|
class BinaryFileResponseTest extends ResponseTestCase
|
||||||
{
|
{
|
||||||
public function testConstruction()
|
public function testConstruction()
|
||||||
{
|
{
|
||||||
@ -145,4 +145,9 @@ class BinaryFileResponseTest extends \PHPUnit_Framework_TestCase
|
|||||||
array('/home/foo/bar.txt', '/files/=/var/www/,/baz/=/home/foo/', '/baz/bar.txt'),
|
array('/home/foo/bar.txt', '/files/=/var/www/,/baz/=/home/foo/', '/baz/bar.txt'),
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
protected function provideResponse()
|
||||||
|
{
|
||||||
|
return new BinaryFileResponse('README.md');
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
@ -14,7 +14,7 @@ namespace Symfony\Component\HttpFoundation\Tests;
|
|||||||
use Symfony\Component\HttpFoundation\Request;
|
use Symfony\Component\HttpFoundation\Request;
|
||||||
use Symfony\Component\HttpFoundation\Response;
|
use Symfony\Component\HttpFoundation\Response;
|
||||||
|
|
||||||
class ResponseTest extends \PHPUnit_Framework_TestCase
|
class ResponseTest extends ResponseTestCase
|
||||||
{
|
{
|
||||||
public function testCreate()
|
public function testCreate()
|
||||||
{
|
{
|
||||||
@ -326,75 +326,6 @@ class ResponseTest extends \PHPUnit_Framework_TestCase
|
|||||||
$this->assertEquals('text/css; charset=UTF-8', $response->headers->get('Content-Type'));
|
$this->assertEquals('text/css; charset=UTF-8', $response->headers->get('Content-Type'));
|
||||||
}
|
}
|
||||||
|
|
||||||
public function testNoCacheControlHeaderOnAttachmentUsingHTTPSAndMSIE()
|
|
||||||
{
|
|
||||||
// Check for HTTPS and IE 8
|
|
||||||
$request = new Request();
|
|
||||||
$request->server->set('HTTPS', true);
|
|
||||||
$request->server->set('HTTP_USER_AGENT', 'Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0)');
|
|
||||||
|
|
||||||
$response = new Response();
|
|
||||||
$response->headers->set('Content-Disposition', 'attachment; filename="fname.ext"');
|
|
||||||
$response->prepare($request);
|
|
||||||
|
|
||||||
$this->assertFalse($response->headers->has('Cache-Control'));
|
|
||||||
|
|
||||||
// Check for IE 10 and HTTPS
|
|
||||||
$request->server->set('HTTP_USER_AGENT', 'Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)');
|
|
||||||
|
|
||||||
$response = new Response();
|
|
||||||
$response->headers->set('Content-Disposition', 'attachment; filename="fname.ext"');
|
|
||||||
$response->prepare($request);
|
|
||||||
|
|
||||||
$this->assertTrue($response->headers->has('Cache-Control'));
|
|
||||||
|
|
||||||
// Check for IE 9 and HTTPS
|
|
||||||
$request->server->set('HTTP_USER_AGENT', 'Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 7.1; Trident/5.0)');
|
|
||||||
|
|
||||||
$response = new Response();
|
|
||||||
$response->headers->set('Content-Disposition', 'attachment; filename="fname.ext"');
|
|
||||||
$response->prepare($request);
|
|
||||||
|
|
||||||
$this->assertTrue($response->headers->has('Cache-Control'));
|
|
||||||
|
|
||||||
// Check for IE 9 and HTTP
|
|
||||||
$request->server->set('HTTPS', false);
|
|
||||||
|
|
||||||
$response = new Response();
|
|
||||||
$response->headers->set('Content-Disposition', 'attachment; filename="fname.ext"');
|
|
||||||
$response->prepare($request);
|
|
||||||
|
|
||||||
$this->assertTrue($response->headers->has('Cache-Control'));
|
|
||||||
|
|
||||||
// Check for IE 8 and HTTP
|
|
||||||
$request->server->set('HTTP_USER_AGENT', 'Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0)');
|
|
||||||
|
|
||||||
$response = new Response();
|
|
||||||
$response->headers->set('Content-Disposition', 'attachment; filename="fname.ext"');
|
|
||||||
$response->prepare($request);
|
|
||||||
|
|
||||||
$this->assertTrue($response->headers->has('Cache-Control'));
|
|
||||||
|
|
||||||
// Check for non-IE and HTTPS
|
|
||||||
$request->server->set('HTTPS', true);
|
|
||||||
$request->server->set('HTTP_USER_AGENT', 'Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.17 (KHTML, like Gecko) Chrome/24.0.1312.60 Safari/537.17');
|
|
||||||
|
|
||||||
$response = new Response();
|
|
||||||
$response->headers->set('Content-Disposition', 'attachment; filename="fname.ext"');
|
|
||||||
$response->prepare($request);
|
|
||||||
|
|
||||||
$this->assertTrue($response->headers->has('Cache-Control'));
|
|
||||||
|
|
||||||
// Check for non-IE and HTTP
|
|
||||||
$request->server->set('HTTPS', false);
|
|
||||||
|
|
||||||
$response = new Response();
|
|
||||||
$response->headers->set('Content-Disposition', 'attachment; filename="fname.ext"');
|
|
||||||
$response->prepare($request);
|
|
||||||
|
|
||||||
$this->assertTrue($response->headers->has('Cache-Control'));
|
|
||||||
}
|
|
||||||
|
|
||||||
public function testPrepareDoesNothingIfContentTypeIsSet()
|
public function testPrepareDoesNothingIfContentTypeIsSet()
|
||||||
{
|
{
|
||||||
$response = new Response('foo');
|
$response = new Response('foo');
|
||||||
@ -770,6 +701,11 @@ class ResponseTest extends \PHPUnit_Framework_TestCase
|
|||||||
{
|
{
|
||||||
return new \DateTime();
|
return new \DateTime();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
protected function provideResponse()
|
||||||
|
{
|
||||||
|
return new Response();
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
class StringableObject
|
class StringableObject
|
||||||
|
@ -0,0 +1,79 @@
|
|||||||
|
<?php
|
||||||
|
|
||||||
|
namespace Symfony\Component\HttpFoundation\Tests;
|
||||||
|
|
||||||
|
use Symfony\Component\HttpFoundation\Request;
|
||||||
|
|
||||||
|
abstract class ResponseTestCase extends \PHPUnit_Framework_TestCase
|
||||||
|
{
|
||||||
|
public function testNoCacheControlHeaderOnAttachmentUsingHTTPSAndMSIE()
|
||||||
|
{
|
||||||
|
// Check for HTTPS and IE 8
|
||||||
|
$request = new Request();
|
||||||
|
$request->server->set('HTTPS', true);
|
||||||
|
$request->server->set('HTTP_USER_AGENT', 'Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0)');
|
||||||
|
|
||||||
|
$response = $this->provideResponse();
|
||||||
|
$response->headers->set('Content-Disposition', 'attachment; filename="fname.ext"');
|
||||||
|
$response->prepare($request);
|
||||||
|
|
||||||
|
$this->assertFalse($response->headers->has('Cache-Control'));
|
||||||
|
|
||||||
|
// Check for IE 10 and HTTPS
|
||||||
|
$request->server->set('HTTP_USER_AGENT', 'Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)');
|
||||||
|
|
||||||
|
$response = $this->provideResponse();
|
||||||
|
$response->headers->set('Content-Disposition', 'attachment; filename="fname.ext"');
|
||||||
|
$response->prepare($request);
|
||||||
|
|
||||||
|
$this->assertTrue($response->headers->has('Cache-Control'));
|
||||||
|
|
||||||
|
// Check for IE 9 and HTTPS
|
||||||
|
$request->server->set('HTTP_USER_AGENT', 'Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 7.1; Trident/5.0)');
|
||||||
|
|
||||||
|
$response = $this->provideResponse();
|
||||||
|
$response->headers->set('Content-Disposition', 'attachment; filename="fname.ext"');
|
||||||
|
$response->prepare($request);
|
||||||
|
|
||||||
|
$this->assertTrue($response->headers->has('Cache-Control'));
|
||||||
|
|
||||||
|
// Check for IE 9 and HTTP
|
||||||
|
$request->server->set('HTTPS', false);
|
||||||
|
|
||||||
|
$response = $this->provideResponse();
|
||||||
|
$response->headers->set('Content-Disposition', 'attachment; filename="fname.ext"');
|
||||||
|
$response->prepare($request);
|
||||||
|
|
||||||
|
$this->assertTrue($response->headers->has('Cache-Control'));
|
||||||
|
|
||||||
|
// Check for IE 8 and HTTP
|
||||||
|
$request->server->set('HTTP_USER_AGENT', 'Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0)');
|
||||||
|
|
||||||
|
$response = $this->provideResponse();
|
||||||
|
$response->headers->set('Content-Disposition', 'attachment; filename="fname.ext"');
|
||||||
|
$response->prepare($request);
|
||||||
|
|
||||||
|
$this->assertTrue($response->headers->has('Cache-Control'));
|
||||||
|
|
||||||
|
// Check for non-IE and HTTPS
|
||||||
|
$request->server->set('HTTPS', true);
|
||||||
|
$request->server->set('HTTP_USER_AGENT', 'Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.17 (KHTML, like Gecko) Chrome/24.0.1312.60 Safari/537.17');
|
||||||
|
|
||||||
|
$response = $this->provideResponse();
|
||||||
|
$response->headers->set('Content-Disposition', 'attachment; filename="fname.ext"');
|
||||||
|
$response->prepare($request);
|
||||||
|
|
||||||
|
$this->assertTrue($response->headers->has('Cache-Control'));
|
||||||
|
|
||||||
|
// Check for non-IE and HTTP
|
||||||
|
$request->server->set('HTTPS', false);
|
||||||
|
|
||||||
|
$response = $this->provideResponse();
|
||||||
|
$response->headers->set('Content-Disposition', 'attachment; filename="fname.ext"');
|
||||||
|
$response->prepare($request);
|
||||||
|
|
||||||
|
$this->assertTrue($response->headers->has('Cache-Control'));
|
||||||
|
}
|
||||||
|
|
||||||
|
abstract protected function provideResponse();
|
||||||
|
}
|
Reference in New Issue
Block a user