-
-
Notifications
You must be signed in to change notification settings - Fork 5.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Adding Chi's GetHead middleware #14541
Merged
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Before moving to Chi, HEAD requests were automatically answered by GET handlers (SetAutoHead(true) from macaron was used). This Change will restore the previous behaviour.
faridtsl
added a commit
to faridtsl/gitea
that referenced
this pull request
Feb 1, 2021
This change adds the header Content-Length to HEAD HTTP requests. The previous behaviour was blocking some Windows executables (i.e bitsadmin.exe) from downloading files hosted in Gitea. This along with PR go-gitea#14541, makes the web server compliant with HTTP RFC 2616 which states "The methods GET and HEAD MUST be supported by all general-purpose servers" and "The HEAD method is identical to GET except that the server MUST NOT return a message-body in the response." This should also respond to issues go-gitea#8030 and go-gitea#14532.
zeripath
approved these changes
Feb 1, 2021
GiteaBot
added
the
lgtm/need 1
This PR needs approval from one additional maintainer to be merged.
label
Feb 1, 2021
6543
added
type/bug
skip-changelog
This PR is irrelevant for the (next) changelog, for example bug fixes for unreleased features.
labels
Feb 1, 2021
lunny
approved these changes
Feb 2, 2021
GiteaBot
added
lgtm/done
This PR has enough approvals to get merged. There are no important open reservations anymore.
and removed
lgtm/need 1
This PR needs approval from one additional maintainer to be merged.
labels
Feb 2, 2021
🚀 |
a1012112796
added a commit
to a1012112796/gitea
that referenced
this pull request
Feb 3, 2021
* master: (28 commits) [Docs] Clone filters (go-gitea#14555) update docs to show latest stable version (1.13.2) (go-gitea#14550) Adding Chi's GetHead middleware (go-gitea#14541) Changelog v1.13.2 (go-gitea#14535) (go-gitea#14543) [skip ci] Updated translations via Crowdin [API] List, Check, Add & delete endpoints for repository teams (go-gitea#13630) [skip ci] Updated translations via Crowdin rm redirect (go-gitea#14534) Upgrade 'css-minimizer-webpack-plugin' to the latest version (go-gitea#14527) Set the name Mapper in migrations (go-gitea#14526) Internal ssh server respect Ciphers, MACs and KeyExchanges settings (go-gitea#14523) Move middlewares to web/middleware (go-gitea#14480) Add Doctor FixWrongUserType (go-gitea#14522) [skip ci] Updated translations via Crowdin noop (go-gitea#14521) Update docs and comments to remove macaron (go-gitea#14491) [skip ci] Updated translations via Crowdin Fix json charset bug (go-gitea#14514) enhancement: add signoff option in commit form (go-gitea#14516) Fix load time bug (go-gitea#14508) ...
6543
pushed a commit
that referenced
this pull request
Feb 5, 2021
* Add Content-Length header to HEAD requests This change adds the header Content-Length to HEAD HTTP requests. The previous behaviour was blocking some Windows executables (i.e bitsadmin.exe) from downloading files hosted in Gitea. This along with PR #14541, makes the web server compliant with HTTP RFC 2616 which states "The methods GET and HEAD MUST be supported by all general-purpose servers" and "The HEAD method is identical to GET except that the server MUST NOT return a message-body in the response." This should also respond to issues #8030 and #14532. * This change adds the header Content-Length to HEAD HTTP requests Pass the Size of the content as a parameter to ServeData() instead of calculating it using ioutil.ReadAll(reader) --> this call is dangerous and can result in a denial of service. * Add Content-Length header to HEAD requests Quick fix for imported dependency not used. * Check if size is positiv int ... Co-authored-by: zeripath <art27@cantab.net>
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Labels
lgtm/done
This PR has enough approvals to get merged. There are no important open reservations anymore.
skip-changelog
This PR is irrelevant for the (next) changelog, for example bug fixes for unreleased features.
type/bug
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Before moving to Chi, HEAD requests were automatically answered by GET
handlers (SetAutoHead(true) from macaron was used).
This Change will restore the previous behaviour.