[HttpFoundation] Generate safe fallback filename for wrongly encoded filename
This commit is contained in:
parent
ee58cfcf10
commit
8fd5569577
|
@ -150,7 +150,7 @@ class BinaryFileResponse extends Response
|
||||||
* Sets the Content-Disposition header with the given filename.
|
* Sets the Content-Disposition header with the given filename.
|
||||||
*
|
*
|
||||||
* @param string $disposition ResponseHeaderBag::DISPOSITION_INLINE or ResponseHeaderBag::DISPOSITION_ATTACHMENT
|
* @param string $disposition ResponseHeaderBag::DISPOSITION_INLINE or ResponseHeaderBag::DISPOSITION_ATTACHMENT
|
||||||
* @param string $filename Optionally use this filename instead of the real name of the file
|
* @param string $filename Optionally use this UTF-8 encoded filename instead of the real name of the file
|
||||||
* @param string $filenameFallback A fallback filename, containing only ASCII characters. Defaults to an automatically encoded filename
|
* @param string $filenameFallback A fallback filename, containing only ASCII characters. Defaults to an automatically encoded filename
|
||||||
*
|
*
|
||||||
* @return $this
|
* @return $this
|
||||||
|
@ -162,7 +162,7 @@ class BinaryFileResponse extends Response
|
||||||
}
|
}
|
||||||
|
|
||||||
if ('' === $filenameFallback && (!preg_match('/^[\x20-\x7e]*$/', $filename) || false !== strpos($filename, '%'))) {
|
if ('' === $filenameFallback && (!preg_match('/^[\x20-\x7e]*$/', $filename) || false !== strpos($filename, '%'))) {
|
||||||
$encoding = mb_detect_encoding($filename, null, true);
|
$encoding = mb_detect_encoding($filename, null, true) ?: '8bit';
|
||||||
|
|
||||||
for ($i = 0, $filenameLength = mb_strlen($filename, $encoding); $i < $filenameLength; ++$i) {
|
for ($i = 0, $filenameLength = mb_strlen($filename, $encoding); $i < $filenameLength; ++$i) {
|
||||||
$char = mb_substr($filename, $i, 1, $encoding);
|
$char = mb_substr($filename, $i, 1, $encoding);
|
||||||
|
|
|
@ -68,6 +68,17 @@ class BinaryFileResponseTest extends ResponseTestCase
|
||||||
$this->assertSame('attachment; filename="f__.html"; filename*=utf-8\'\'f%C3%B6%C3%B6.html', $response->headers->get('Content-Disposition'));
|
$this->assertSame('attachment; filename="f__.html"; filename*=utf-8\'\'f%C3%B6%C3%B6.html', $response->headers->get('Content-Disposition'));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function testSetContentDispositionGeneratesSafeFallbackFilenameForWronglyEncodedFilename()
|
||||||
|
{
|
||||||
|
$response = new BinaryFileResponse(__FILE__);
|
||||||
|
|
||||||
|
$iso88591EncodedFilename = utf8_decode('föö.html');
|
||||||
|
$response->setContentDisposition(ResponseHeaderBag::DISPOSITION_ATTACHMENT, $iso88591EncodedFilename);
|
||||||
|
|
||||||
|
// the parameter filename* is invalid in this case (rawurldecode('f%F6%F6') does not provide a UTF-8 string but an ISO-8859-1 encoded one)
|
||||||
|
$this->assertSame('attachment; filename="f__.html"; filename*=utf-8\'\'f%F6%F6.html', $response->headers->get('Content-Disposition'));
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @dataProvider provideRanges
|
* @dataProvider provideRanges
|
||||||
*/
|
*/
|
||||||
|
|
Reference in New Issue