Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Léo-Paul Géneau
gitlab-ce
Commits
9a5703ec
Commit
9a5703ec
authored
Nov 23, 2018
by
Francisco Javier López
Committed by
Nick Thomas
Nov 23, 2018
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Set content disposition attachment to several endpoints
parent
63c1ad18
Changes
8
Hide whitespace changes
Inline
Side-by-side
Showing
8 changed files
with
36 additions
and
1 deletion
+36
-1
app/controllers/profiles/keys_controller.rb
app/controllers/profiles/keys_controller.rb
+2
-1
changelogs/unreleased/fj-force-content-disposition.yml
changelogs/unreleased/fj-force-content-disposition.yml
+5
-0
lib/api/helpers.rb
lib/api/helpers.rb
+1
-0
lib/api/snippets.rb
lib/api/snippets.rb
+1
-0
spec/controllers/profiles/keys_controller_spec.rb
spec/controllers/profiles/keys_controller_spec.rb
+7
-0
spec/requests/api/files_spec.rb
spec/requests/api/files_spec.rb
+8
-0
spec/requests/api/repositories_spec.rb
spec/requests/api/repositories_spec.rb
+6
-0
spec/requests/api/snippets_spec.rb
spec/requests/api/snippets_spec.rb
+6
-0
No files found.
app/controllers/profiles/keys_controller.rb
View file @
9a5703ec
...
@@ -40,7 +40,8 @@ class Profiles::KeysController < Profiles::ApplicationController
...
@@ -40,7 +40,8 @@ class Profiles::KeysController < Profiles::ApplicationController
begin
begin
user
=
UserFinder
.
new
(
params
[
:username
]).
find_by_username
user
=
UserFinder
.
new
(
params
[
:username
]).
find_by_username
if
user
.
present?
if
user
.
present?
render
text:
user
.
all_ssh_keys
.
join
(
"
\n
"
),
content_type:
"text/plain"
headers
[
'Content-Disposition'
]
=
'attachment'
render
text:
user
.
all_ssh_keys
.
join
(
"
\n
"
),
content_type:
'text/plain'
else
else
return
render_404
return
render_404
end
end
...
...
changelogs/unreleased/fj-force-content-disposition.yml
0 → 100644
View file @
9a5703ec
---
title
:
Force content disposition attachment to several endpoints
merge_request
:
23223
author
:
type
:
other
lib/api/helpers.rb
View file @
9a5703ec
...
@@ -494,6 +494,7 @@ module API
...
@@ -494,6 +494,7 @@ module API
def
send_git_blob
(
repository
,
blob
)
def
send_git_blob
(
repository
,
blob
)
env
[
'api.format'
]
=
:txt
env
[
'api.format'
]
=
:txt
content_type
'text/plain'
content_type
'text/plain'
header
[
'Content-Disposition'
]
=
"attachment; filename=
#{
blob
.
name
.
inspect
}
"
header
(
*
Gitlab
::
Workhorse
.
send_git_blob
(
repository
,
blob
))
header
(
*
Gitlab
::
Workhorse
.
send_git_blob
(
repository
,
blob
))
end
end
...
...
lib/api/snippets.rb
View file @
9a5703ec
...
@@ -146,6 +146,7 @@ module API
...
@@ -146,6 +146,7 @@ module API
env
[
'api.format'
]
=
:txt
env
[
'api.format'
]
=
:txt
content_type
'text/plain'
content_type
'text/plain'
header
[
'Content-Disposition'
]
=
'attachment'
present
snippet
.
content
present
snippet
.
content
end
end
# rubocop: enable CodeReuse/ActiveRecord
# rubocop: enable CodeReuse/ActiveRecord
...
...
spec/controllers/profiles/keys_controller_spec.rb
View file @
9a5703ec
...
@@ -62,8 +62,15 @@ describe Profiles::KeysController do
...
@@ -62,8 +62,15 @@ describe Profiles::KeysController do
it
"responds with text/plain content type"
do
it
"responds with text/plain content type"
do
get
:get_keys
,
username:
user
.
username
get
:get_keys
,
username:
user
.
username
expect
(
response
.
content_type
).
to
eq
(
"text/plain"
)
expect
(
response
.
content_type
).
to
eq
(
"text/plain"
)
end
end
it
"responds with attachment content disposition"
do
get
:get_keys
,
username:
user
.
username
expect
(
response
.
headers
[
'Content-Disposition'
]).
to
eq
(
'attachment'
)
end
end
end
end
end
end
end
spec/requests/api/files_spec.rb
View file @
9a5703ec
...
@@ -178,6 +178,14 @@ describe API::Files do
...
@@ -178,6 +178,14 @@ describe API::Files do
expect
(
response
).
to
have_gitlab_http_status
(
200
)
expect
(
response
).
to
have_gitlab_http_status
(
200
)
end
end
it
'forces attachment content disposition'
do
url
=
route
(
file_path
)
+
"/raw"
get
api
(
url
,
current_user
),
params
expect
(
headers
[
'Content-Disposition'
]).
to
match
(
/^attachment/
)
end
context
'when mandatory params are not given'
do
context
'when mandatory params are not given'
do
it_behaves_like
'400 response'
do
it_behaves_like
'400 response'
do
let
(
:request
)
{
get
api
(
route
(
"any%2Ffile"
),
current_user
)
}
let
(
:request
)
{
get
api
(
route
(
"any%2Ffile"
),
current_user
)
}
...
...
spec/requests/api/repositories_spec.rb
View file @
9a5703ec
...
@@ -168,6 +168,12 @@ describe API::Repositories do
...
@@ -168,6 +168,12 @@ describe API::Repositories do
expect
(
response
).
to
have_gitlab_http_status
(
200
)
expect
(
response
).
to
have_gitlab_http_status
(
200
)
end
end
it
'forces attachment content disposition'
do
get
api
(
route
,
current_user
)
expect
(
headers
[
'Content-Disposition'
]).
to
match
(
/^attachment/
)
end
context
'when sha does not exist'
do
context
'when sha does not exist'
do
it_behaves_like
'404 response'
do
it_behaves_like
'404 response'
do
let
(
:request
)
{
get
api
(
route
.
sub
(
sample_blob
.
oid
,
'123456'
),
current_user
)
}
let
(
:request
)
{
get
api
(
route
.
sub
(
sample_blob
.
oid
,
'123456'
),
current_user
)
}
...
...
spec/requests/api/snippets_spec.rb
View file @
9a5703ec
...
@@ -94,6 +94,12 @@ describe API::Snippets do
...
@@ -94,6 +94,12 @@ describe API::Snippets do
expect
(
response
.
body
).
to
eq
(
snippet
.
content
)
expect
(
response
.
body
).
to
eq
(
snippet
.
content
)
end
end
it
'forces attachment content disposition'
do
get
api
(
"/snippets/
#{
snippet
.
id
}
/raw"
,
user
)
expect
(
headers
[
'Content-Disposition'
]).
to
match
(
/^attachment/
)
end
it
'returns 404 for invalid snippet id'
do
it
'returns 404 for invalid snippet id'
do
get
api
(
"/snippets/1234/raw"
,
user
)
get
api
(
"/snippets/1234/raw"
,
user
)
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment