Page Menu
Home
Phabricator
Search
Configure Global Search
Log In
Files
F14357314
D15784.diff
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Size
2 KB
Referenced Files
None
Subscribers
None
D15784.diff
View Options
diff --git a/src/applications/files/controller/PhabricatorFileDataController.php b/src/applications/files/controller/PhabricatorFileDataController.php
--- a/src/applications/files/controller/PhabricatorFileDataController.php
+++ b/src/applications/files/controller/PhabricatorFileDataController.php
@@ -22,25 +22,21 @@
$req_domain = $request->getHost();
$main_domain = id(new PhutilURI($base_uri))->getDomain();
-
if (!strlen($alt) || $main_domain == $alt_domain) {
// No alternate domain.
$should_redirect = false;
- $use_viewer = $viewer;
$is_alternate_domain = false;
} else if ($req_domain != $alt_domain) {
// Alternate domain, but this request is on the main domain.
$should_redirect = true;
- $use_viewer = $viewer;
$is_alternate_domain = false;
} else {
// Alternate domain, and on the alternate domain.
$should_redirect = false;
- $use_viewer = PhabricatorUser::getOmnipotentUser();
$is_alternate_domain = true;
}
- $response = $this->loadFile($use_viewer);
+ $response = $this->loadFile();
if ($response) {
return $response;
}
@@ -112,7 +108,21 @@
return $response;
}
- private function loadFile(PhabricatorUser $viewer) {
+ private function loadFile() {
+ // Access to files is provided by knowledge of a per-file secret key in
+ // the URI. Knowledge of this secret is sufficient to retrieve the file.
+
+ // For some requests, we also have a valid viewer. However, for many
+ // requests (like alternate domain requests or Git LFS requests) we will
+ // not. Even if we do have a valid viewer, use the omnipotent viewer to
+ // make this logic simpler and more consistent.
+
+ // Beyond making the policy check itself more consistent, this also makes
+ // sure we're consitent about returning HTTP 404 on bad requests instead
+ // of serving HTTP 200 with a login page, which can mislead some clients.
+
+ $viewer = PhabricatorUser::getOmnipotentUser();
+
$file = id(new PhabricatorFileQuery())
->setViewer($viewer)
->withPHIDs(array($this->phid))
File Metadata
Details
Attached
Mime Type
text/plain
Expires
Sat, Dec 21, 3:59 AM (8 h, 48 m)
Storage Engine
blob
Storage Format
Encrypted (AES-256-CBC)
Storage Handle
6912714
Default Alt Text
D15784.diff (2 KB)
Attached To
Mode
D15784: Improve consistency of file access policies, particularly for LFS
Attached
Detach File
Event Timeline
Log In to Comment