Changeset View
Changeset View
Standalone View
Standalone View
src/applications/files/controller/PhabricatorFileDataController.php
Show First 20 Lines • Show All 129 Lines • ▼ Show 20 Lines | public function handleRequest(AphrontRequest $request) { | ||||
$response->setContentIterator($iterator); | $response->setContentIterator($iterator); | ||||
// In Chrome, we must permit this domain in "object-src" CSP when serving a | // In Chrome, we must permit this domain in "object-src" CSP when serving a | ||||
// PDF or the browser will refuse to render it. | // PDF or the browser will refuse to render it. | ||||
if (!$is_download && $file->isPDF()) { | if (!$is_download && $file->isPDF()) { | ||||
$request_uri = id(clone $request->getAbsoluteRequestURI()) | $request_uri = id(clone $request->getAbsoluteRequestURI()) | ||||
->setPath(null) | ->setPath(null) | ||||
->setFragment(null) | ->setFragment(null) | ||||
->setQueryParams(array()); | ->removeAllQueryParams(); | ||||
$response->addContentSecurityPolicyURI( | $response->addContentSecurityPolicyURI( | ||||
'object-src', | 'object-src', | ||||
(string)$request_uri); | (string)$request_uri); | ||||
} | } | ||||
return $response; | return $response; | ||||
} | } | ||||
▲ Show 20 Lines • Show All 81 Lines • Show Last 20 Lines |