Update whitelist for sytest media fix (#1137)
* Update sytest-whitelist, are-we-synapse-yet.list * Update gomatrixserverlib * Update gomatrixserverlib * Loop avoidance * Return UTF-8 filenames * Replace quotes only, instead of using strconv.Quote * Update sytest-whitelist * Update sytest-whitelistmain
parent
e15a8042a1
commit
04c99092a4
|
@ -97,8 +97,8 @@ rst PUT power_levels should not explode if the old power levels were empty
|
|||
rst Both GET and PUT work
|
||||
rct POST /rooms/:room_id/receipt can create receipts
|
||||
red POST /rooms/:room_id/read_markers can create read marker
|
||||
med POST /media/v1/upload can create an upload
|
||||
med GET /media/v1/download can fetch the value again
|
||||
med POST /media/r0/upload can create an upload
|
||||
med GET /media/r0/download can fetch the value again
|
||||
cap GET /capabilities is present and well formed for registered user
|
||||
cap GET /r0/capabilities is not public
|
||||
reg Register with a recaptcha
|
||||
|
|
2
go.mod
2
go.mod
|
@ -20,7 +20,7 @@ require (
|
|||
github.com/matrix-org/go-http-js-libp2p v0.0.0-20200518170932-783164aeeda4
|
||||
github.com/matrix-org/go-sqlite3-js v0.0.0-20200522092705-bc8506ccbcf3
|
||||
github.com/matrix-org/gomatrix v0.0.0-20190528120928-7df988a63f26
|
||||
github.com/matrix-org/gomatrixserverlib v0.0.0-20200615161710-f69539c86ea5
|
||||
github.com/matrix-org/gomatrixserverlib v0.0.0-20200616150727-7ac22b6f8e65
|
||||
github.com/matrix-org/naffka v0.0.0-20200422140631-181f1ee7401f
|
||||
github.com/matrix-org/util v0.0.0-20190711121626-527ce5ddefc7
|
||||
github.com/mattn/go-sqlite3 v2.0.2+incompatible
|
||||
|
|
4
go.sum
4
go.sum
|
@ -371,8 +371,8 @@ github.com/matrix-org/go-sqlite3-js v0.0.0-20200522092705-bc8506ccbcf3 h1:Yb+Wlf
|
|||
github.com/matrix-org/go-sqlite3-js v0.0.0-20200522092705-bc8506ccbcf3/go.mod h1:e+cg2q7C7yE5QnAXgzo512tgFh1RbQLC0+jozuegKgo=
|
||||
github.com/matrix-org/gomatrix v0.0.0-20190528120928-7df988a63f26 h1:Hr3zjRsq2bhrnp3Ky1qgx/fzCtCALOoGYylh2tpS9K4=
|
||||
github.com/matrix-org/gomatrix v0.0.0-20190528120928-7df988a63f26/go.mod h1:3fxX6gUjWyI/2Bt7J1OLhpCzOfO/bB3AiX0cJtEKud0=
|
||||
github.com/matrix-org/gomatrixserverlib v0.0.0-20200615161710-f69539c86ea5 h1:VN7DoSFVkQF9Bv+TWuBWHLgAz9Nw9UiahFfe2oE6uiQ=
|
||||
github.com/matrix-org/gomatrixserverlib v0.0.0-20200615161710-f69539c86ea5/go.mod h1:JsAzE1Ll3+gDWS9JSUHPJiiyAksvOOnGWF2nXdg4ZzU=
|
||||
github.com/matrix-org/gomatrixserverlib v0.0.0-20200616150727-7ac22b6f8e65 h1:2CcCcBnWdDPDOqFKiGOM+mi/KDDZXSTKmvFy/0/+ZJI=
|
||||
github.com/matrix-org/gomatrixserverlib v0.0.0-20200616150727-7ac22b6f8e65/go.mod h1:JsAzE1Ll3+gDWS9JSUHPJiiyAksvOOnGWF2nXdg4ZzU=
|
||||
github.com/matrix-org/naffka v0.0.0-20200422140631-181f1ee7401f h1:pRz4VTiRCO4zPlEMc3ESdUOcW4PXHH4Kj+YDz1XyE+Y=
|
||||
github.com/matrix-org/naffka v0.0.0-20200422140631-181f1ee7401f/go.mod h1:y0oDTjZDv5SM9a2rp3bl+CU+bvTRINQsdb7YlDql5Go=
|
||||
github.com/matrix-org/util v0.0.0-20190711121626-527ce5ddefc7 h1:ntrLa/8xVzeSs8vHFHK25k0C+NV74sYMJnNSg5NoSRo=
|
||||
|
|
|
@ -21,6 +21,7 @@ import (
|
|||
"io"
|
||||
"mime"
|
||||
"net/http"
|
||||
"net/url"
|
||||
"os"
|
||||
"path/filepath"
|
||||
"regexp"
|
||||
|
@ -302,7 +303,14 @@ func (r *downloadRequest) respondFromLocalFile(
|
|||
responseMetadata = r.MediaMetadata
|
||||
|
||||
if len(responseMetadata.UploadName) > 0 {
|
||||
w.Header().Set("Content-Disposition", fmt.Sprintf(`inline; filename*=utf-8"%s"`, responseMetadata.UploadName))
|
||||
uploadName, err := url.PathUnescape(string(responseMetadata.UploadName))
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("url.PathUnescape: %w", err)
|
||||
}
|
||||
w.Header().Set("Content-Disposition", fmt.Sprintf(
|
||||
`inline; filename=utf-8"%s"`,
|
||||
strings.ReplaceAll(uploadName, `"`, `\"`), // escape quote marks only, as per RFC6266
|
||||
))
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -16,6 +16,7 @@ package routing
|
|||
|
||||
import (
|
||||
"net/http"
|
||||
"strings"
|
||||
|
||||
userapi "github.com/matrix-org/dendrite/userapi/api"
|
||||
|
||||
|
@ -94,11 +95,24 @@ func makeDownloadAPI(
|
|||
util.SetCORSHeaders(w)
|
||||
// Content-Type will be overridden in case of returning file data, else we respond with JSON-formatted errors
|
||||
w.Header().Set("Content-Type", "application/json")
|
||||
|
||||
vars, _ := httputil.URLDecodeMapValues(mux.Vars(req))
|
||||
serverName := gomatrixserverlib.ServerName(vars["serverName"])
|
||||
|
||||
// For the purposes of loop avoidance, we will return a 404 if allow_remote is set to
|
||||
// false in the query string and the target server name isn't our own.
|
||||
// https://github.com/matrix-org/matrix-doc/pull/1265
|
||||
if allowRemote := req.URL.Query().Get("allow_remote"); strings.ToLower(allowRemote) == "false" {
|
||||
if serverName != cfg.Matrix.ServerName {
|
||||
w.WriteHeader(http.StatusNotFound)
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
Download(
|
||||
w,
|
||||
req,
|
||||
gomatrixserverlib.ServerName(vars["serverName"]),
|
||||
serverName,
|
||||
types.MediaID(vars["mediaId"]),
|
||||
cfg,
|
||||
db,
|
||||
|
|
|
@ -128,7 +128,7 @@ Outbound federation can send events
|
|||
# test for now.
|
||||
#Backfill checks the events requested belong to the room
|
||||
Can upload without a file name
|
||||
Can download without a file name locally
|
||||
#Can download without a file name locally
|
||||
Can upload with ASCII file name
|
||||
Can send image in room message
|
||||
AS cannot create users outside its own namespace
|
||||
|
@ -314,3 +314,16 @@ Invalid JSON special values
|
|||
Invalid JSON floats
|
||||
Outbound federation will ignore a missing event with bad JSON for room version 6
|
||||
Can download without a file name over federation
|
||||
POST /media/r0/upload can create an upload
|
||||
GET /media/r0/download can fetch the value again
|
||||
Remote users can join room by alias
|
||||
Alias creators can delete alias with no ops
|
||||
Alias creators can delete canonical alias with no ops
|
||||
Room members can override their displayname on a room-specific basis
|
||||
displayname updates affect room member events
|
||||
avatar_url updates affect room member events
|
||||
Real non-joined users can get individual state for world_readable rooms after leaving
|
||||
Can upload with Unicode file name
|
||||
POSTed media can be thumbnailed
|
||||
Remote media can be thumbnailed
|
||||
Can download with Unicode file name locally
|
||||
|
|
Loading…
Reference in New Issue