gauvain/san-reymoros
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Tentative de régler le bordel

Browse Source
This commit is contained in:
Gauvain Boiché
2020-03-31 15:58:31 +02:00
parent a1864c0414
commit 459b46df7b
345 changed files with 10758 additions and 4066 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
includes/functions_download.php
View File

@@ -196,7 +196,7 @@ function send_file_to_browser($attachment, $upload_dir, $category)
}
// Now the tricky part... let's dance
header('Cache-Control: public');
header('Cache-Control: private');
// Send out the Headers. Do not set Content-Disposition to inline please, it is a security measure for users using the Internet Explorer.
header('Content-Type: ' . $attachment['mimetype']);
@@ -206,28 +206,20 @@ function send_file_to_browser($attachment, $upload_dir, $category)
header('X-Content-Type-Options: nosniff');
}
if ($category == ATTACHMENT_CATEGORY_FLASH && $request->variable('view', 0) === 1)
if (empty($user->browser) || ((strpos(strtolower($user->browser), 'msie') !== false) && !phpbb_is_greater_ie_version($user->browser, 7)))
{
// We use content-disposition: inline for flash files and view=1 to let it correctly play with flash player 10 - any other disposition will fail to play inline
header('Content-Disposition: inline');
header('Content-Disposition: attachment; ' . header_filename(htmlspecialchars_decode($attachment['real_filename'])));
if (empty($user->browser) || (strpos(strtolower($user->browser), 'msie 6.0') !== false))
{
header('Expires: ' . gmdate('D, d M Y H:i:s', time()) . ' GMT');
}
}
else
{
if (empty($user->browser) || ((strpos(strtolower($user->browser), 'msie') !== false) && !phpbb_is_greater_ie_version($user->browser, 7)))
header('Content-Disposition: ' . ((strpos($attachment['mimetype'], 'image') === 0) ? 'inline' : 'attachment') . '; ' . header_filename(htmlspecialchars_decode($attachment['real_filename'])));
if (phpbb_is_greater_ie_version($user->browser, 7) && (strpos($attachment['mimetype'], 'image') !== 0))
{
header('Content-Disposition: attachment; ' . header_filename(htmlspecialchars_decode($attachment['real_filename'])));
if (empty($user->browser) || (strpos(strtolower($user->browser), 'msie 6.0') !== false))
{
header('Expires: ' . gmdate('D, d M Y H:i:s', time()) . ' GMT');
}
}
else
{
header('Content-Disposition: ' . ((strpos($attachment['mimetype'], 'image') === 0) ? 'inline' : 'attachment') . '; ' . header_filename(htmlspecialchars_decode($attachment['real_filename'])));
if (phpbb_is_greater_ie_version($user->browser, 7) && (strpos($attachment['mimetype'], 'image') !== 0))
{
header('X-Download-Options: noopen');
}
header('X-Download-Options: noopen');
}
}
@@ -451,7 +443,7 @@ function set_modified_headers($stamp, $browser)
{
send_status_line(304, 'Not Modified');
// seems that we need those too ... browsers
header('Cache-Control: public');
header('Cache-Control: private');
header('Expires: ' . gmdate('D, d M Y H:i:s', time() + 31536000) . ' GMT');
return true;
}