Drupal investigation

BinaryFileResponse.php 12KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360
  1. <?php
  2. /*
  3. * This file is part of the Symfony package.
  4. *
  5. * (c) Fabien Potencier <fabien@symfony.com>
  6. *
  7. * For the full copyright and license information, please view the LICENSE
  8. * file that was distributed with this source code.
  9. */
  10. namespace Symfony\Component\HttpFoundation;
  11. use Symfony\Component\HttpFoundation\File\File;
  12. use Symfony\Component\HttpFoundation\File\Exception\FileException;
  13. /**
  14. * BinaryFileResponse represents an HTTP response delivering a file.
  15. *
  16. * @author Niklas Fiekas <niklas.fiekas@tu-clausthal.de>
  17. * @author stealth35 <stealth35-php@live.fr>
  18. * @author Igor Wiedler <igor@wiedler.ch>
  19. * @author Jordan Alliot <jordan.alliot@gmail.com>
  20. * @author Sergey Linnik <linniksa@gmail.com>
  21. */
  22. class BinaryFileResponse extends Response
  23. {
  24. protected static $trustXSendfileTypeHeader = false;
  25. /**
  26. * @var File
  27. */
  28. protected $file;
  29. protected $offset;
  30. protected $maxlen;
  31. protected $deleteFileAfterSend = false;
  32. /**
  33. * Constructor.
  34. *
  35. * @param \SplFileInfo|string $file The file to stream
  36. * @param int $status The response status code
  37. * @param array $headers An array of response headers
  38. * @param bool $public Files are public by default
  39. * @param null|string $contentDisposition The type of Content-Disposition to set automatically with the filename
  40. * @param bool $autoEtag Whether the ETag header should be automatically set
  41. * @param bool $autoLastModified Whether the Last-Modified header should be automatically set
  42. */
  43. public function __construct($file, $status = 200, $headers = array(), $public = true, $contentDisposition = null, $autoEtag = false, $autoLastModified = true)
  44. {
  45. parent::__construct(null, $status, $headers);
  46. $this->setFile($file, $contentDisposition, $autoEtag, $autoLastModified);
  47. if ($public) {
  48. $this->setPublic();
  49. }
  50. }
  51. /**
  52. * @param \SplFileInfo|string $file The file to stream
  53. * @param int $status The response status code
  54. * @param array $headers An array of response headers
  55. * @param bool $public Files are public by default
  56. * @param null|string $contentDisposition The type of Content-Disposition to set automatically with the filename
  57. * @param bool $autoEtag Whether the ETag header should be automatically set
  58. * @param bool $autoLastModified Whether the Last-Modified header should be automatically set
  59. *
  60. * @return static
  61. */
  62. public static function create($file = null, $status = 200, $headers = array(), $public = true, $contentDisposition = null, $autoEtag = false, $autoLastModified = true)
  63. {
  64. return new static($file, $status, $headers, $public, $contentDisposition, $autoEtag, $autoLastModified);
  65. }
  66. /**
  67. * Sets the file to stream.
  68. *
  69. * @param \SplFileInfo|string $file The file to stream
  70. * @param string $contentDisposition
  71. * @param bool $autoEtag
  72. * @param bool $autoLastModified
  73. *
  74. * @return $this
  75. *
  76. * @throws FileException
  77. */
  78. public function setFile($file, $contentDisposition = null, $autoEtag = false, $autoLastModified = true)
  79. {
  80. if (!$file instanceof File) {
  81. if ($file instanceof \SplFileInfo) {
  82. $file = new File($file->getPathname());
  83. } else {
  84. $file = new File((string) $file);
  85. }
  86. }
  87. if (!$file->isReadable()) {
  88. throw new FileException('File must be readable.');
  89. }
  90. $this->file = $file;
  91. if ($autoEtag) {
  92. $this->setAutoEtag();
  93. }
  94. if ($autoLastModified) {
  95. $this->setAutoLastModified();
  96. }
  97. if ($contentDisposition) {
  98. $this->setContentDisposition($contentDisposition);
  99. }
  100. return $this;
  101. }
  102. /**
  103. * Gets the file.
  104. *
  105. * @return File The file to stream
  106. */
  107. public function getFile()
  108. {
  109. return $this->file;
  110. }
  111. /**
  112. * Automatically sets the Last-Modified header according the file modification date.
  113. */
  114. public function setAutoLastModified()
  115. {
  116. $this->setLastModified(\DateTime::createFromFormat('U', $this->file->getMTime()));
  117. return $this;
  118. }
  119. /**
  120. * Automatically sets the ETag header according to the checksum of the file.
  121. */
  122. public function setAutoEtag()
  123. {
  124. $this->setEtag(sha1_file($this->file->getPathname()));
  125. return $this;
  126. }
  127. /**
  128. * Sets the Content-Disposition header with the given filename.
  129. *
  130. * @param string $disposition ResponseHeaderBag::DISPOSITION_INLINE or ResponseHeaderBag::DISPOSITION_ATTACHMENT
  131. * @param string $filename Optionally use this filename instead of the real name of the file
  132. * @param string $filenameFallback A fallback filename, containing only ASCII characters. Defaults to an automatically encoded filename
  133. *
  134. * @return $this
  135. */
  136. public function setContentDisposition($disposition, $filename = '', $filenameFallback = '')
  137. {
  138. if ($filename === '') {
  139. $filename = $this->file->getFilename();
  140. }
  141. if ('' === $filenameFallback && (!preg_match('/^[\x20-\x7e]*$/', $filename) || false !== strpos($filename, '%'))) {
  142. $encoding = mb_detect_encoding($filename, null, true);
  143. for ($i = 0, $filenameLength = mb_strlen($filename, $encoding); $i < $filenameLength; ++$i) {
  144. $char = mb_substr($filename, $i, 1, $encoding);
  145. if ('%' === $char || ord($char) < 32 || ord($char) > 126) {
  146. $filenameFallback .= '_';
  147. } else {
  148. $filenameFallback .= $char;
  149. }
  150. }
  151. }
  152. $dispositionHeader = $this->headers->makeDisposition($disposition, $filename, $filenameFallback);
  153. $this->headers->set('Content-Disposition', $dispositionHeader);
  154. return $this;
  155. }
  156. /**
  157. * {@inheritdoc}
  158. */
  159. public function prepare(Request $request)
  160. {
  161. $this->headers->set('Content-Length', $this->file->getSize());
  162. if (!$this->headers->has('Accept-Ranges')) {
  163. // Only accept ranges on safe HTTP methods
  164. $this->headers->set('Accept-Ranges', $request->isMethodSafe(false) ? 'bytes' : 'none');
  165. }
  166. if (!$this->headers->has('Content-Type')) {
  167. $this->headers->set('Content-Type', $this->file->getMimeType() ?: 'application/octet-stream');
  168. }
  169. if ('HTTP/1.0' !== $request->server->get('SERVER_PROTOCOL')) {
  170. $this->setProtocolVersion('1.1');
  171. }
  172. $this->ensureIEOverSSLCompatibility($request);
  173. $this->offset = 0;
  174. $this->maxlen = -1;
  175. if (self::$trustXSendfileTypeHeader && $request->headers->has('X-Sendfile-Type')) {
  176. // Use X-Sendfile, do not send any content.
  177. $type = $request->headers->get('X-Sendfile-Type');
  178. $path = $this->file->getRealPath();
  179. // Fall back to scheme://path for stream wrapped locations.
  180. if (false === $path) {
  181. $path = $this->file->getPathname();
  182. }
  183. if (strtolower($type) === 'x-accel-redirect') {
  184. // Do X-Accel-Mapping substitutions.
  185. // @link http://wiki.nginx.org/X-accel#X-Accel-Redirect
  186. foreach (explode(',', $request->headers->get('X-Accel-Mapping', '')) as $mapping) {
  187. $mapping = explode('=', $mapping, 2);
  188. if (2 === count($mapping)) {
  189. $pathPrefix = trim($mapping[0]);
  190. $location = trim($mapping[1]);
  191. if (substr($path, 0, strlen($pathPrefix)) === $pathPrefix) {
  192. $path = $location.substr($path, strlen($pathPrefix));
  193. break;
  194. }
  195. }
  196. }
  197. }
  198. $this->headers->set($type, $path);
  199. $this->maxlen = 0;
  200. } elseif ($request->headers->has('Range')) {
  201. // Process the range headers.
  202. if (!$request->headers->has('If-Range') || $this->hasValidIfRangeHeader($request->headers->get('If-Range'))) {
  203. $range = $request->headers->get('Range');
  204. $fileSize = $this->file->getSize();
  205. list($start, $end) = explode('-', substr($range, 6), 2) + array(0);
  206. $end = ('' === $end) ? $fileSize - 1 : (int) $end;
  207. if ('' === $start) {
  208. $start = $fileSize - $end;
  209. $end = $fileSize - 1;
  210. } else {
  211. $start = (int) $start;
  212. }
  213. if ($start <= $end) {
  214. if ($start < 0 || $end > $fileSize - 1) {
  215. $this->setStatusCode(416);
  216. $this->headers->set('Content-Range', sprintf('bytes */%s', $fileSize));
  217. } elseif ($start !== 0 || $end !== $fileSize - 1) {
  218. $this->maxlen = $end < $fileSize ? $end - $start + 1 : -1;
  219. $this->offset = $start;
  220. $this->setStatusCode(206);
  221. $this->headers->set('Content-Range', sprintf('bytes %s-%s/%s', $start, $end, $fileSize));
  222. $this->headers->set('Content-Length', $end - $start + 1);
  223. }
  224. }
  225. }
  226. }
  227. return $this;
  228. }
  229. private function hasValidIfRangeHeader($header)
  230. {
  231. if ($this->getEtag() === $header) {
  232. return true;
  233. }
  234. if (null === $lastModified = $this->getLastModified()) {
  235. return false;
  236. }
  237. return $lastModified->format('D, d M Y H:i:s').' GMT' === $header;
  238. }
  239. /**
  240. * Sends the file.
  241. *
  242. * {@inheritdoc}
  243. */
  244. public function sendContent()
  245. {
  246. if (!$this->isSuccessful()) {
  247. return parent::sendContent();
  248. }
  249. if (0 === $this->maxlen) {
  250. return $this;
  251. }
  252. $out = fopen('php://output', 'wb');
  253. $file = fopen($this->file->getPathname(), 'rb');
  254. stream_copy_to_stream($file, $out, $this->maxlen, $this->offset);
  255. fclose($out);
  256. fclose($file);
  257. if ($this->deleteFileAfterSend) {
  258. unlink($this->file->getPathname());
  259. }
  260. return $this;
  261. }
  262. /**
  263. * {@inheritdoc}
  264. *
  265. * @throws \LogicException when the content is not null
  266. */
  267. public function setContent($content)
  268. {
  269. if (null !== $content) {
  270. throw new \LogicException('The content cannot be set on a BinaryFileResponse instance.');
  271. }
  272. }
  273. /**
  274. * {@inheritdoc}
  275. *
  276. * @return false
  277. */
  278. public function getContent()
  279. {
  280. return false;
  281. }
  282. /**
  283. * Trust X-Sendfile-Type header.
  284. */
  285. public static function trustXSendfileTypeHeader()
  286. {
  287. self::$trustXSendfileTypeHeader = true;
  288. }
  289. /**
  290. * If this is set to true, the file will be unlinked after the request is send
  291. * Note: If the X-Sendfile header is used, the deleteFileAfterSend setting will not be used.
  292. *
  293. * @param bool $shouldDelete
  294. *
  295. * @return $this
  296. */
  297. public function deleteFileAfterSend($shouldDelete)
  298. {
  299. $this->deleteFileAfterSend = $shouldDelete;
  300. return $this;
  301. }
  302. }