diff options
-rw-r--r-- | apps/files/download.php | 2 | ||||
-rw-r--r-- | apps/files_versions/download.php | 2 | ||||
-rw-r--r-- | lib/private/files.php | 2 | ||||
-rw-r--r-- | lib/private/response.php | 23 | ||||
-rw-r--r-- | lib/public/response.php | 8 |
5 files changed, 33 insertions, 4 deletions
diff --git a/apps/files/download.php b/apps/files/download.php index 664a69c5959..8d9c539284f 100644 --- a/apps/files/download.php +++ b/apps/files/download.php @@ -39,7 +39,7 @@ $ftype=\OC_Helper::getSecureMimeType(\OC\Files\Filesystem::getMimeType( $filenam header('Content-Type:'.$ftype); OCP\Response::setContentDispositionHeader(basename($filename), 'attachment'); OCP\Response::disableCaching(); -header('Content-Length: '.\OC\Files\Filesystem::filesize($filename)); +OCP\Response::setContentLengthHeader(\OC\Files\Filesystem::filesize($filename)); OC_Util::obEnd(); \OC\Files\Filesystem::readfile( $filename ); diff --git a/apps/files_versions/download.php b/apps/files_versions/download.php index e5139450f5e..c63fde51954 100644 --- a/apps/files_versions/download.php +++ b/apps/files_versions/download.php @@ -38,7 +38,7 @@ $ftype = $view->getMimeType('/'.$uid.'/files/'.$filename); header('Content-Type:'.$ftype); OCP\Response::setContentDispositionHeader(basename($filename), 'attachment'); OCP\Response::disableCaching(); -header('Content-Length: '.$view->filesize($versionName)); +OCP\Response::setContentLengthHeader($view->filesize($versionName)); OC_Util::obEnd(); diff --git a/lib/private/files.php b/lib/private/files.php index b7df99c7d70..be08fd37d60 100644 --- a/lib/private/files.php +++ b/lib/private/files.php @@ -48,7 +48,7 @@ class OC_Files { $filesize = \OC\Files\Filesystem::filesize($filename); header('Content-Type: '.\OC_Helper::getSecureMimeType(\OC\Files\Filesystem::getMimeType($filename))); if ($filesize > -1) { - header("Content-Length: ".$filesize); + OC_Response::setContentLengthHeader($filesize); } } } diff --git a/lib/private/response.php b/lib/private/response.php index 2bec5e3decd..7cd362ecdf3 100644 --- a/lib/private/response.php +++ b/lib/private/response.php @@ -172,6 +172,27 @@ class OC_Response { } /** + * Sets the content length header (with possible workarounds) + * @param string|int|float $length Length to be sent + */ + static public function setContentLengthHeader($length) { + if (PHP_INT_SIZE === 4) { + if ($length > PHP_INT_MAX && stripos(PHP_SAPI, 'apache') === 0) { + // Apache PHP SAPI casts Content-Length headers to PHP integers. + // This enforces a limit of PHP_INT_MAX (2147483647 on 32-bit + // platforms). So, if the length is greater than PHP_INT_MAX, + // we just do not send a Content-Length header to prevent + // bodies from being received incompletely. + return; + } + // Convert signed integer or float to unsigned base-10 string. + $lfh = new \OC\LargeFileHelper; + $length = $lfh->formatUnsignedInteger($length); + } + header('Content-Length: '.$length); + } + + /** * Send file as response, checking and setting caching headers * @param string $filepath of file to send */ @@ -181,7 +202,7 @@ class OC_Response { self::setLastModifiedHeader(filemtime($filepath)); self::setETagHeader(md5_file($filepath)); - header('Content-Length: '.filesize($filepath)); + self::setContentLengthHeader(filesize($filepath)); fpassthru($fp); } else { diff --git a/lib/public/response.php b/lib/public/response.php index 24d3c81d628..c32eb4a05e0 100644 --- a/lib/public/response.php +++ b/lib/public/response.php @@ -64,6 +64,14 @@ class Response { } /** + * Sets the content length header (with possible workarounds) + * @param string|int|float $length Length to be sent + */ + static public function setContentLengthHeader($length) { + \OC_Response::setContentLengthHeader($length); + } + + /** * Disable browser caching * @see enableCaching with cache_time = 0 */ |