Page MenuHomestyx hydra
Files F1456150

No OneTemporary
Actions

View Options

diff --git a/src/applications/files/controller/proxy/PhabricatorFileProxyController.php b/src/applications/files/controller/proxy/PhabricatorFileProxyController.php
index 3869376b12..760b5c69e3 100644
--- a/src/applications/files/controller/proxy/PhabricatorFileProxyController.php
+++ b/src/applications/files/controller/proxy/PhabricatorFileProxyController.php
@@ -1,55 +1,61 @@
<?php
/*
* Copyright 2011 Facebook, Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
class PhabricatorFileProxyController extends PhabricatorFileController {
private $uri;
public function processRequest() {
if (!PhabricatorEnv::getEnvConfig('files.enable-proxy')) {
return new Aphront400Response();
}
$request = $this->getRequest();
$uri = $request->getStr('uri');
$proxy = id(new PhabricatorFileProxyImage())->loadOneWhere(
'uri = %s',
$uri);
if (!$proxy) {
+ // This write is fine to skip CSRF checks for, we're just building a
+ // cache of some remote image.
+ $unguarded = AphrontWriteGuard::beginScopedUnguardedWrites();
+
$file = PhabricatorFile::newFromFileDownload(
$uri,
nonempty(basename($uri), 'proxied-file'));
if ($file) {
$proxy = new PhabricatorFileProxyImage();
$proxy->setURI($uri);
$proxy->setFilePHID($file->getPHID());
$proxy->save();
}
+
+ unset($unguarded);
}
if ($proxy) {
$view_uri = PhabricatorFileURI::getViewURIForPHID($proxy->getFilePHID());
return id(new AphrontRedirectResponse())->setURI($view_uri);
}
return new Aphront400Response();
}
}
diff --git a/src/applications/files/controller/proxy/__init__.php b/src/applications/files/controller/proxy/__init__.php
index f8c7b15690..be1d269685 100644
--- a/src/applications/files/controller/proxy/__init__.php
+++ b/src/applications/files/controller/proxy/__init__.php
@@ -1,20 +1,21 @@
<?php
/**
* This file is automatically generated. Lint this module to rebuild it.
* @generated
*/
phutil_require_module('phabricator', 'aphront/response/400');
phutil_require_module('phabricator', 'aphront/response/redirect');
+phutil_require_module('phabricator', 'aphront/writeguard');
phutil_require_module('phabricator', 'applications/files/controller/base');
phutil_require_module('phabricator', 'applications/files/storage/file');
phutil_require_module('phabricator', 'applications/files/storage/proxyimage');
phutil_require_module('phabricator', 'applications/files/uri');
phutil_require_module('phabricator', 'infrastructure/env');
phutil_require_module('phutil', 'utils');
phutil_require_source('PhabricatorFileProxyController.php');

File Metadata

Mime Type
text/x-diff
Expires
Sat, Nov 15, 1:10 AM (1 d, 1 h)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
337375
Default Alt Text
(3 KB)

Event Timeline

styx copyright 2020 sirocyl / ellie (kymkdd) / ncommander / styx contributors
Use of other names and brands is not intended to reflect a claim of, or right to, use the name or brand.
styx is an operating system using the Linux kernel and components, and "styx Linux" as a phrase does not reflect the inclusion of the Linux brand or trademark in the styx project.
Linux® is the registered trademark of Linus Torvalds in the U.S. and other countries.
Terms and Conditions (TODO: fix this!)