2011-06-29 09:38:09 -04:00
|
|
|
require 'action_controller/metal/exceptions'
|
2010-07-20 03:55:24 -04:00
|
|
|
|
2005-05-22 04:58:43 -04:00
|
|
|
module ActionController #:nodoc:
|
2009-02-24 07:29:25 -05:00
|
|
|
# Methods for sending arbitrary data and for streaming files to the browser,
|
|
|
|
# instead of rendering.
|
2011-04-18 02:17:47 -04:00
|
|
|
module DataStreaming
|
2009-05-28 12:35:36 -04:00
|
|
|
extend ActiveSupport::Concern
|
2009-05-21 16:03:52 -04:00
|
|
|
|
2009-12-20 20:15:31 -05:00
|
|
|
include ActionController::Rendering
|
2009-05-21 16:03:52 -04:00
|
|
|
|
2012-04-30 03:12:55 -04:00
|
|
|
DEFAULT_SEND_FILE_TYPE = 'application/octet-stream'.freeze #:nodoc:
|
|
|
|
DEFAULT_SEND_FILE_DISPOSITION = 'attachment'.freeze #:nodoc:
|
2005-05-22 04:58:43 -04:00
|
|
|
|
|
|
|
protected
|
2010-02-23 20:03:06 -05:00
|
|
|
# Sends the file. This uses a server-appropriate method (such as X-Sendfile)
|
|
|
|
# via the Rack::Sendfile middleware. The header to use is set via
|
2012-04-28 01:46:45 -04:00
|
|
|
# +config.action_dispatch.x_sendfile_header+.
|
2010-02-23 20:03:06 -05:00
|
|
|
# Your server can also configure this for you by setting the X-Sendfile-Type header.
|
2005-05-22 04:58:43 -04:00
|
|
|
#
|
2008-07-16 08:00:36 -04:00
|
|
|
# Be careful to sanitize the path parameter if it is coming from a web
|
2008-05-02 09:45:23 -04:00
|
|
|
# page. <tt>send_file(params[:path])</tt> allows a malicious user to
|
2005-05-22 04:58:43 -04:00
|
|
|
# download any file on your server.
|
|
|
|
#
|
|
|
|
# Options:
|
|
|
|
# * <tt>:filename</tt> - suggests a filename for the browser to use.
|
2008-05-02 09:45:23 -04:00
|
|
|
# Defaults to <tt>File.basename(path)</tt>.
|
2011-06-28 00:57:41 -04:00
|
|
|
# * <tt>:type</tt> - specifies an HTTP content type.
|
|
|
|
# You can specify either a string or a symbol for a registered type register with
|
|
|
|
# <tt>Mime::Type.register</tt>, for example :json
|
|
|
|
# If omitted, type will be guessed from the file extension specified in <tt>:filename</tt>.
|
|
|
|
# If no content type is registered for the extension, default type 'application/octet-stream' will be used.
|
2008-01-11 17:07:04 -05:00
|
|
|
# * <tt>:disposition</tt> - specifies whether the file will be shown inline or downloaded.
|
2005-05-22 04:58:43 -04:00
|
|
|
# Valid values are 'inline' and 'attachment' (default).
|
2011-10-12 02:44:19 -04:00
|
|
|
# * <tt>:status</tt> - specifies the status code to send with the response. Defaults to 200.
|
2008-05-02 09:45:23 -04:00
|
|
|
# * <tt>:url_based_filename</tt> - set to +true+ if you want the browser guess the filename from
|
2008-01-11 17:07:04 -05:00
|
|
|
# the URL, which is necessary for i18n filenames on certain browsers
|
2008-05-02 09:45:23 -04:00
|
|
|
# (setting <tt>:filename</tt> overrides this option).
|
2005-05-22 04:58:43 -04:00
|
|
|
#
|
|
|
|
# The default Content-Type and Content-Disposition headers are
|
|
|
|
# set to download arbitrary binary files in as many browsers as
|
2011-05-23 19:22:33 -04:00
|
|
|
# possible. IE versions 4, 5, 5.5, and 6 are all known to have
|
2005-05-22 04:58:43 -04:00
|
|
|
# a variety of quirks (especially when downloading over SSL).
|
|
|
|
#
|
|
|
|
# Simple download:
|
2008-05-02 09:45:23 -04:00
|
|
|
#
|
2005-05-22 04:58:43 -04:00
|
|
|
# send_file '/path/to.zip'
|
|
|
|
#
|
2006-06-01 20:51:56 -04:00
|
|
|
# Show a JPEG in the browser:
|
2008-05-02 09:45:23 -04:00
|
|
|
#
|
2012-10-27 16:05:27 -04:00
|
|
|
# send_file '/path/to.jpeg', type: 'image/jpeg', disposition: 'inline'
|
2005-05-22 04:58:43 -04:00
|
|
|
#
|
2006-06-01 20:51:56 -04:00
|
|
|
# Show a 404 page in the browser:
|
2008-05-02 09:45:23 -04:00
|
|
|
#
|
2012-10-27 16:05:27 -04:00
|
|
|
# send_file '/path/to/404.html', type: 'text/html; charset=utf-8', status: 404
|
2006-06-01 20:51:56 -04:00
|
|
|
#
|
2005-05-22 04:58:43 -04:00
|
|
|
# Read about the other Content-* HTTP headers if you'd like to
|
2008-05-02 09:45:23 -04:00
|
|
|
# provide the user with more information (such as Content-Description) in
|
|
|
|
# http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.11.
|
2005-05-22 04:58:43 -04:00
|
|
|
#
|
|
|
|
# Also be aware that the document may be cached by proxies and browsers.
|
|
|
|
# The Pragma and Cache-Control headers declare how the file may be cached
|
2011-05-23 19:22:33 -04:00
|
|
|
# by intermediaries. They default to require clients to validate with
|
|
|
|
# the server before releasing cached responses. See
|
2005-05-22 04:58:43 -04:00
|
|
|
# http://www.mnot.net/cache_docs/ for an overview of web caching and
|
|
|
|
# http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.9
|
|
|
|
# for the Cache-Control header spec.
|
|
|
|
def send_file(path, options = {}) #:doc:
|
|
|
|
raise MissingFile, "Cannot read file #{path}" unless File.file?(path) and File.readable?(path)
|
|
|
|
|
2007-02-09 06:25:37 -05:00
|
|
|
options[:filename] ||= File.basename(path) unless options[:url_based_filename]
|
2005-05-22 04:58:43 -04:00
|
|
|
send_file_headers! options
|
|
|
|
|
2010-02-23 20:03:06 -05:00
|
|
|
self.status = options[:status] || 200
|
|
|
|
self.content_type = options[:content_type] if options.key?(:content_type)
|
2012-04-12 12:52:41 -04:00
|
|
|
self.response_body = FileBody.new(path)
|
|
|
|
end
|
|
|
|
|
|
|
|
# Avoid having to pass an open file handle as the response body.
|
2012-08-15 09:21:30 -04:00
|
|
|
# Rack::Sendfile will usually intercept the response and uses
|
|
|
|
# the path directly, so there is no reason to open the file.
|
2012-04-12 12:52:41 -04:00
|
|
|
class FileBody #:nodoc:
|
|
|
|
attr_reader :to_path
|
|
|
|
|
|
|
|
def initialize(path)
|
|
|
|
@to_path = path
|
|
|
|
end
|
|
|
|
|
|
|
|
# Stream the file's contents if Rack::Sendfile isn't present.
|
|
|
|
def each
|
|
|
|
File.open(to_path, 'rb') do |file|
|
|
|
|
while chunk = file.read(16384)
|
|
|
|
yield chunk
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
2005-05-22 04:58:43 -04:00
|
|
|
end
|
|
|
|
|
2009-02-24 07:29:25 -05:00
|
|
|
# Sends the given binary data to the browser. This method is similar to
|
2012-10-27 16:05:27 -04:00
|
|
|
# <tt>render text: data</tt>, but also allows you to specify whether
|
2009-02-24 07:29:25 -05:00
|
|
|
# the browser should display the response as a file attachment (i.e. in a
|
|
|
|
# download dialog) or as inline data. You may also set the content type,
|
|
|
|
# the apparent file name, and other things.
|
2005-05-22 04:58:43 -04:00
|
|
|
#
|
|
|
|
# Options:
|
2008-05-02 09:45:23 -04:00
|
|
|
# * <tt>:filename</tt> - suggests a filename for the browser to use.
|
2008-12-21 13:58:55 -05:00
|
|
|
# * <tt>:type</tt> - specifies an HTTP content type. Defaults to 'application/octet-stream'. You can specify
|
|
|
|
# either a string or a symbol for a registered type register with <tt>Mime::Type.register</tt>, for example :json
|
2011-06-28 00:57:41 -04:00
|
|
|
# If omitted, type will be guessed from the file extension specified in <tt>:filename</tt>.
|
|
|
|
# If no content type is registered for the extension, default type 'application/octet-stream' will be used.
|
2008-01-11 17:07:04 -05:00
|
|
|
# * <tt>:disposition</tt> - specifies whether the file will be shown inline or downloaded.
|
2005-05-22 04:58:43 -04:00
|
|
|
# Valid values are 'inline' and 'attachment' (default).
|
2011-10-12 02:44:19 -04:00
|
|
|
# * <tt>:status</tt> - specifies the status code to send with the response. Defaults to 200.
|
2005-05-22 04:58:43 -04:00
|
|
|
#
|
|
|
|
# Generic data download:
|
2008-05-02 09:45:23 -04:00
|
|
|
#
|
2005-05-22 04:58:43 -04:00
|
|
|
# send_data buffer
|
|
|
|
#
|
|
|
|
# Download a dynamically-generated tarball:
|
2008-05-02 09:45:23 -04:00
|
|
|
#
|
2012-10-27 16:05:27 -04:00
|
|
|
# send_data generate_tgz('dir'), filename: 'dir.tgz'
|
2005-05-22 04:58:43 -04:00
|
|
|
#
|
|
|
|
# Display an image Active Record in the browser:
|
2008-05-02 09:45:23 -04:00
|
|
|
#
|
2012-10-27 16:05:27 -04:00
|
|
|
# send_data image.data, type: image.content_type, disposition: 'inline'
|
2005-05-22 04:58:43 -04:00
|
|
|
#
|
|
|
|
# See +send_file+ for more information on HTTP Content-* headers and caching.
|
|
|
|
def send_data(data, options = {}) #:doc:
|
2012-04-30 03:15:41 -04:00
|
|
|
send_file_headers! options
|
2010-02-23 18:37:17 -05:00
|
|
|
render options.slice(:status, :content_type).merge(:text => data)
|
2005-05-22 04:58:43 -04:00
|
|
|
end
|
|
|
|
|
|
|
|
private
|
|
|
|
def send_file_headers!(options)
|
2011-06-28 00:57:41 -04:00
|
|
|
type_provided = options.has_key?(:type)
|
2011-12-21 14:28:40 -05:00
|
|
|
|
2012-04-30 03:12:55 -04:00
|
|
|
content_type = options.fetch(:type, DEFAULT_SEND_FILE_TYPE)
|
|
|
|
raise ArgumentError, ":type option required" if content_type.nil?
|
2009-06-15 14:21:08 -04:00
|
|
|
|
2008-12-21 13:58:55 -05:00
|
|
|
if content_type.is_a?(Symbol)
|
2010-02-23 20:03:06 -05:00
|
|
|
extension = Mime[content_type]
|
|
|
|
raise ArgumentError, "Unknown MIME type #{options[:type]}" unless extension
|
|
|
|
self.content_type = extension
|
2009-06-15 14:21:08 -04:00
|
|
|
else
|
2011-06-28 00:57:41 -04:00
|
|
|
if !type_provided && options[:filename]
|
|
|
|
# If type wasn't provided, try guessing from file extension.
|
2012-04-03 09:16:09 -04:00
|
|
|
content_type = Mime::Type.lookup_by_extension(File.extname(options[:filename]).downcase.delete('.')) || content_type
|
2011-06-28 00:57:41 -04:00
|
|
|
end
|
2009-06-15 14:21:08 -04:00
|
|
|
self.content_type = content_type
|
2008-12-21 13:58:55 -05:00
|
|
|
end
|
|
|
|
|
2012-04-30 03:12:55 -04:00
|
|
|
disposition = options.fetch(:disposition, DEFAULT_SEND_FILE_DISPOSITION)
|
|
|
|
unless disposition.nil?
|
|
|
|
disposition += %(; filename="#{options[:filename]}") if options[:filename]
|
|
|
|
headers['Content-Disposition'] = disposition
|
|
|
|
end
|
|
|
|
|
|
|
|
headers['Content-Transfer-Encoding'] = 'binary'
|
2005-09-25 02:53:42 -04:00
|
|
|
|
Got overhead down from 127 to 85. All tests pass:
* Tentatively replaced HeaderHash with SimpleHeaderHash, which does not preserve
case but does handle converting Arrays to Strings in to_hash. This requires
further discussion.
* Moved default_charset to ActionDispatch::Response to avoid having to hop over
to ActionController. Ideally, this would be a constant on AD::Response, but
some tests expect to be able to change it dynamically and I didn't want to change
them yet.
* Completely override #initialize from Rack::Response. Previously, it was creating
a HeaderHash, and then we were creating an entirely new one. There is no way to
call super without incurring the overhead of creating a HeaderHash.
* Override #write from Rack::Response. Its implementation tracks Content-Length,
and doing so adds additional overhead that could be mooted if other middleware
changes the body. It is more efficiently done at the top-level server.
* Change sending_file to an instance_variable instead of header inspection. In
general, if a state is important, it should be set as a property of the response
not reconstructed later.
* Set the Etag to @body instead of .body. AS::Cache.expand_cache_key handles
Arrays fine, and it's more efficient to let it handle the body parts, since
it is not forced to create a joined String.
* If we detect the default cache control case, just set it, rather than setting
the constituent parts and then running the normal (expensive) code to generate
the string.
2009-08-10 11:40:41 -04:00
|
|
|
response.sending_file = true
|
|
|
|
|
2005-09-25 02:53:42 -04:00
|
|
|
# Fix a problem with IE 6.0 on opening downloaded files:
|
2008-01-11 17:07:04 -05:00
|
|
|
# If Cache-Control: no-cache is set (which Rails does by default),
|
|
|
|
# IE removes the file it just downloaded from its cache immediately
|
|
|
|
# after it displays the "open/save" dialog, which means that if you
|
|
|
|
# hit "open" the file isn't there anymore when the application that
|
2005-09-25 02:53:42 -04:00
|
|
|
# is called for handling the download is run, so let's workaround that
|
2009-07-31 00:00:39 -04:00
|
|
|
response.cache_control[:public] ||= false
|
2005-05-22 04:58:43 -04:00
|
|
|
end
|
|
|
|
end
|
2006-06-01 20:51:56 -04:00
|
|
|
end
|