Commit graph

47 commits

Author SHA1 Message Date
Farid AYOUJIL f72ce26326
Add Content-Length header to HEAD requests ()
* Add Content-Length header to HEAD requests

This change adds the header Content-Length to HEAD HTTP requests.

The previous behaviour was blocking some Windows executables (i.e
bitsadmin.exe) from downloading files hosted in Gitea.

This along with PR , makes the web server compliant with HTTP RFC 2616 which states
"The methods GET and HEAD MUST be supported by all general-purpose servers"
and
"The HEAD method is identical to GET except that the server MUST NOT return a message-body in the response."

This should also respond to issues  and .

* This change adds the header Content-Length to HEAD HTTP requests

Pass the Size of the content as a parameter to ServeData() instead of
calculating it using ioutil.ReadAll(reader) --> this call is dangerous
and can result in a denial of service.

* Add Content-Length header to HEAD requests

Quick fix for imported dependency not used.

* Check if size is positiv int ...

Co-authored-by: zeripath <art27@cantab.net>
2021-02-05 21:10:40 +01:00
Jonathan Tran 81467e6f35
Display SVG files as images instead of text ()
* Change to display SVG files as images

* Remove unsafe styles from SVG CSP

* Add integration test to test SVG headers

* Add config setting to disable SVG rendering

* Add test for img tag when loading SVG image

* Remove the Raw view button for svg files since we don't fully support this

* Fix copyright year

* Rename and move config setting

* Add setting to cheat sheet in docs

* Fix so that comment matches cheat sheet

* Add allowing styles in CSP based on pull request feedback

* Re-enable raw button since we show SVG styles now

* Change so that SVG files are editable

* Add UI to toggle between source and rendered image for SVGs

* Change to show blame button for SVG images

* Fix to update ctx data

* Add test for DetectContentType when file is longer than sniffLen

Co-authored-by: Jonathan Tran <jon@allspice.io>
Co-authored-by: Kyle D <kdumontnu@gmail.com>
2021-01-12 22:45:19 -05:00
kolaente 64133126cd
Update golangci-lint to version 1.31.0 ()
This PR updates golangci-lint to the latest version 1.31.0.

The upgrade introduced a new check for which I've fixed or disabled most cases.

Signed-off-by: kolaente <k@knt.li>
2020-10-11 21:27:20 +01:00
Lunny Xiao 62e6c9bc6c
Add a storage layer for attachments ()
* Add a storage layer for attachments

* Fix some bug

* fix test

* Fix copyright head and lint

* Fix bug

* Add setting for minio and flags for migrate-storage

* Add documents

* fix lint

* Add test for minio store type on attachments

* fix test

* fix test

* Apply suggestions from code review

Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>

* Add warning when storage migrated successfully

* Fix drone

* fix test

* rebase

* Fix test

* display the error on console

* Move minio test to amd64 since minio docker don't support arm64

* refactor the codes

* add trace

* Fix test

* remove log on xorm

* Fi download bug

* Add a storage layer for attachments

* Add setting for minio and flags for migrate-storage

* fix lint

* Add test for minio store type on attachments

* Apply suggestions from code review

Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>

* Fix drone

* fix test

* Fix test

* display the error on console

* Move minio test to amd64 since minio docker don't support arm64

* refactor the codes

* add trace

* Fix test

* Add URL function to serve attachments directly from S3/Minio

* Add ability to enable/disable redirection in attachment configuration

* Fix typo

* Add a storage layer for attachments

* Add setting for minio and flags for migrate-storage

* fix lint

* Add test for minio store type on attachments

* Apply suggestions from code review

Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>

* Fix drone

* fix test

* Fix test

* display the error on console

* Move minio test to amd64 since minio docker don't support arm64

* don't change unrelated files

* Fix lint

* Fix build

* update go.mod and go.sum

* Use github.com/minio/minio-go/v6

* Remove unused function

* Upgrade minio to v7 and some other improvements

* fix lint

* Fix go mod

Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
Co-authored-by: Tyler <tystuyfzand@gmail.com>
2020-08-18 12:23:45 +08:00
zeripath 2ef318e6f1
Add Access-Control-Expose-Headers ()
Fix 

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: silverwind <me@silverwind.io>
2020-08-13 18:18:18 +01:00
Lunny Xiao 737ea6d83c
Fix download file wrong content-type ()
* Fix download file wrong content-type

* change the error text to be more precise

* fix test
2020-01-17 20:16:05 +08:00
zeripath e1505d6250
Add missed close in ServeBlobLFS () 2019-10-16 06:55:31 +01:00
kolaente f9ec2f89f2 Add golangci () 2019-06-12 15:41:28 -04:00
Lunny Xiao d578b71d61
move code.gitea.io/git to code.gitea.io/gitea/modules/git ()
* move code.gitea.io/git to code.gitea.io/gitea/modules/git

* fix imports

* fix fmt

* fix misspell

* remove wrong tests data

* fix unit tests

* fix tests

* fix tests

* fix tests

* fix tests

* fix tests

* enable Debug to trace the failure tests

* fix tests

* fix tests

* fix tests

* fix tests

* fix tests

* comment commit count tests since git clone depth is 50

* fix tests

* update from code.gitea.io/git

* revert change to makefile
2019-03-27 17:33:00 +08:00
zeripath 2a03e96bce
Allow markdown files to read from the LFS ()
This PR makes it possible for the markdown renderer to render images and media straight from the LFS.

Fix 

Signed-off-by: Andrew Thornton [art27@cantab.net](mailto:art27@cantab.net)
2019-02-12 15:09:43 +00:00
Peter Hoffmann e08c7e521b Add raw blob endpoint to get objects by SHA ID ()
* Add raw blob endpoint

This should make it possible to download raw blobs directly from
/:repo/:username/raw/blob/:sha1 URLs.

* fix: Make it work

* As an SHA-ID is no path getRefNameFromPath can't be used to verify
file specifying parameter
* added relevant change in go-gitea/git 

Signed-off-by: Berengar W. Lehr <Berengar.Lehr@kompetenztest.de>

* Update Gopkg.lock

Can't update all vendors due to errors

Signed-off-by: Berengar W. Lehr <Berengar.Lehr@kompetenztest.de>

* style: Add Gitea copyright header

* feat: Added integration test for /repo/u/r/raw/blob

* fix: correct year in copyright header
2018-11-18 13:45:40 -05:00
Morgan Bazalgette 65861900cd Handle refactor ()
* Replace all ctx.Handle with ctx.ServerError or ctx.NotFound

* Change Handle(403) to NotFound, avoid using macaron's NotFound
2018-01-10 23:34:17 +02:00
Duncan Ogilvie 551f3cbe42 Memory usage improvements ()
* govendor update code.gitea.io/git

Signed-off-by: Duncan Ogilvie <mr.exodia.tpodt@gmail.com>

* Greatly improve memory usage

Signed-off-by: Duncan Ogilvie <mr.exodia.tpodt@gmail.com>
2017-11-29 09:50:39 +08:00
silverwind 935caa7f95 Download files to their original filename () 2017-05-05 14:03:54 +08:00
Lauris BH bb14c97d40 Fix empty file download () 2017-04-20 10:38:56 +08:00
Andrey Nering d647d02c2f Fix Chrome not liking commas 2016-11-26 11:26:03 -02:00
Andrey Nering 638dd24cec Fix HTTP headers for issue attachment download
- Download filename was wrong for files other than images. Example: It was `download` instead of `file.pdf`
- PDF was downloading instead of showing on browser
2016-11-26 10:13:25 -02:00
Lunny Xiao 3917ed45de golint fixed for routers () 2016-11-24 15:04:31 +08:00
Sandro Santilli 4247304f5a Update import paths from github.com/go-gitea to code.gitea.io ()
- Update import paths from github.com/go-gitea to code.gitea.io
- Fix import path for travis

See https://docs.travis-ci.com/user/languages/go#Go-Import-Path
2016-11-10 17:24:48 +01:00
Sandro Santilli 6e4252dad4 Replace gogits/git-module dependency with go-gitea/git ()
* Replace gogits/git-module dependency with go-gitea/git

Fixes 

* Remove git alias for git module import (not needed)
2016-11-06 11:18:34 -02:00
Rémy Boulanouar 2d68bd1ef9 Change import reference to match gitea instead of gogs () 2016-11-03 10:29:56 -02:00
Unknwon 780cc2d110 router/repo: code refactoring 2016-08-30 02:08:38 -07:00
Unknwon f8a48ffaad Web editor: improve code quality 2016-08-24 21:35:03 -07:00
Unknwon ab9c5fb5e7 allow render raw content
Use URL query parameter render=1 to render content in raw mode.
2016-08-05 18:34:13 -07:00
Tamás Molnár 39356f4238 Set utf-8 charset for text files when serving raw content () 2016-04-20 19:38:11 -04:00
Unknwon dd36c431ec add quotes to attachment file name 2016-03-25 22:11:58 -04:00
Unknwon 514382e2eb Rename module: middleware -> context 2016-03-11 11:56:52 -05:00
Unknwon 93f03707a7 set text/plain for non-binary files in raw mode 2015-12-25 05:45:07 -05:00
Unknwon 19423957b1 rename import path 2015-12-15 17:25:45 -05:00
Unknwon 9a2e43bff2 move out git module and send push hook 2015-12-09 20:46:05 -05:00
无闻 8be0bb177b Merge pull request from donbowman/mime-type
43bfee0d48 reverted my change
2015-08-14 13:38:14 +08:00
Don Bowman 4137426c88 43bfee0d48 reverted my change
423b1c69be, which in turn
causes all content to be served as text/plain. Let go decide
what the mime type is (e.g. text/html instead of text/plain).
2015-08-13 23:21:49 +00:00
Unknwon e67659bf8e fix serve attachment content type 2015-08-12 04:49:51 +08:00
Vladimir Vissoultchev 2cc050e21e Fix UTF-8 in upper-case, use ansi charset for all non UTF-8 encodings 2015-07-29 17:58:03 +03:00
Vladimir Vissoultchev 43bfee0d48 Raw text file view returns correct charset in content-type header if not utf-8 2015-07-28 19:50:35 +03:00
Don Bowman 423b1c69be don't set mime type to text/plain. This will break serving e.g. raw images,
html, etc

According to http://golang.org/pkg/net/http/#DetectContentType
"If the Header does not contain a Content-Type line, Write adds
a Content-Type set to the result of passing the initial 512 bytes
of written data to DetectContentType."
2015-04-08 00:44:38 +00:00
Unknwon 32152d2363 routers/repo: set raw page content type to 'text/plain' 2015-01-31 15:27:57 -05:00
Unknwon a0f9197b45 GetFile api 2014-11-16 21:32:26 -05:00
Unknwon 23eec25274 Fix , fix , fix 2014-11-06 22:06:41 -05:00
Unknwon 5c4bc3c848 Huge updates!!!!! Be careful to merge!!!! 2014-07-26 02:28:04 -04:00
Unknwon 8dd07c0ddd New UI merge in progress 2014-07-26 00:24:27 -04:00
Jan Oliver Oelerich 6fe43eb8d4 Fixed directory permissions for the zip download router
If the archives/ directory is created with 0655, it results in a permission error.
2014-06-01 15:22:13 +02:00
slene 4ee6bc4fca fix for new git api 2014-05-28 14:01:41 +08:00
Unknown 688ec6ecbd Fixed 2014-05-25 20:11:25 -04:00
Unknown 04890904f9 fix 2014-05-16 16:24:26 -04:00
Unknown 956f011dd3 Fix 2014-05-16 13:41:08 -04:00
slene 4fafc76052 zip archive download 2014-04-16 00:29:03 +08:00