Commit graph

20 commits

Author SHA1 Message Date
GitLab Bot
22d08de610 Add latest changes from gitlab-org/gitlab@master 2020-11-09 15:08:56 +00:00
GitLab Bot
adf76f8f1d Add latest changes from gitlab-org/gitlab@master 2020-09-04 15:08:46 +00:00
GitLab Bot
8846ca0ed6 Add latest changes from gitlab-org/gitlab@master 2020-08-31 18:10:43 +00:00
GitLab Bot
540c69c58c Add latest changes from gitlab-org/gitlab@master 2020-08-28 06:10:45 +00:00
GitLab Bot
350fd8b878 Add latest changes from gitlab-org/gitlab@master 2020-08-10 18:09:54 +00:00
GitLab Bot
640e72ca92 Add latest changes from gitlab-org/gitlab@master 2020-06-04 03:08:05 +00:00
GitLab Bot
6b9d3a4e83 Add latest changes from gitlab-org/gitlab@master 2020-01-29 18:08:47 +00:00
GitLab Bot
bd860c22f6 Add latest changes from gitlab-org/gitlab@master 2019-09-17 12:06:48 +00:00
Stan Hu
47d3610d0d Fix send_file_upload_spec.rb with right MIME type
This fixes a regression in mime-types-data:
https://github.com/mime-types/mime-types-data/pull/20
2019-06-16 16:40:22 -07:00
Sean McGivern
79dd92c818 Optimise upload path calls
String#underscore isn't particularly slow, but it's possible for us to
call it many times in a users autocomplete request, with mostly-static
values ('User', 'Group', etc.). We can memoise this and save a
surprising amount of time (around 10% of the total request time in some
cases).
2019-05-14 11:01:48 -05:00
gfyoung
93a44e135b Add some frozen string to spec/**/*.rb
Adds frozen string to the following:

* spec/bin/**/*.rb
* spec/config/**/*.rb
* spec/controllers/**/*.rb

xref https://gitlab.com/gitlab-org/gitlab-ce/issues/59758
2019-04-15 10:17:05 +00:00
Stan Hu
4193e3d475 Bump fog-aws to 3.3.0 and associated dependencies
Fixes issue with AWS V4 signatures not working with Ceph S3:
https://github.com/fog/fog-aws/issues/462
2019-02-28 22:51:03 -08:00
Stan Hu
134420f2ef Fix Content-Disposition hard-coded to attachments
Due to a regression in
https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/24919,
Content-Disposition is hard-coded to `attachment` instead of `inline`.
We now use the argument `disposition` to fix that problem.

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/57660
2019-02-13 11:09:52 -08:00
Stan Hu
41b51c0656 Encode Content-Disposition filenames
Users downloading non-ASCII attachments would see garbled characters.
When used with object storage, AWS S3 would return an InvalidArgument
error: Header value cannot be represented using ISO-8859-1.

Per RFC 5987 and RFC 6266, Content-Disposition should be encoded
properly. This commit takes the Rails 6 implementation of
ActiveSuppport::Http::ContentDisposition
(https://github.com/rails/rails/pull/33829) and ports it here.

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/47673
2019-02-04 23:12:44 -08:00
Stan Hu
e1079ee28f MIME type application/javascript -> application/ecmascript 2018-11-10 06:31:29 -08:00
Kamil Trzciński
5da2f42dc9 backport: Always proxy reports downloads
This makes to always proxy reports
2018-11-07 21:49:45 +01:00
Stan Hu
262b974123 Fix attachments not displaying inline with Google Cloud Storage
There were several issues:

1. With Google Cloud Storage, we can't override the Content-Type with
Response-Content-Type once it is set.  Setting the value to
`application/octet-stream` doesn't buy us anything. GCS defaults to
`application/octet-stream`, and AWS uses `binary/octet-stream`. Just remove
this `Content-Type` when we upload new files.

2. CarrierWave and fog-google need to support query parameters:
https://github.com/fog/fog-google/pull/409/files, https://github.com/carrierwaveuploader/carrierwave/pull/2332/files.
CarrierWave has been monkey-patched until an official release.

3. Workhorse also needs to remove the Content-Type header in the request
(ef80978ff8/internal/objectstore/object.go (L66)),
or we'll get a 403 error when uploading due to signed URLs not matching the headers.
Upgrading to Workhorse 6.1.0 for https://gitlab.com/gitlab-org/gitlab-workhorse/merge_requests/297
will make Workhorse use the headers that are used by Rails.

Closes #49957
2018-09-05 17:01:54 -07:00
Stan Hu
0c43170630 Fix cross-origin errors when attempting to download JavaScript attachments
If you upload a file with a .js extension, Rails' cross-origin JavaScript
protection will prevent a user from downloading the file with a 422 error.
Setting the content-type to `text/plain` will allow the user to download
the file as a plaintext file.

Closes #45826
2018-05-13 21:49:51 -07:00
Micaël Bergeron
44f37504fb Backport ee-40781-os-to-ce 2018-03-22 08:49:04 -04:00
Micaël Bergeron
fc6587f1f2 Add proxy_download to perform proxied sending of all files 2018-03-09 09:16:06 -05:00