Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Adding Chi's GetHead middleware #14541

Merged
merged 2 commits into from
Feb 2, 2021
Merged

Adding Chi's GetHead middleware #14541

merged 2 commits into from
Feb 2, 2021

Conversation

faridtsl
Copy link
Contributor

@faridtsl faridtsl commented Feb 1, 2021

Before moving to Chi, HEAD requests were automatically answered by GET
handlers (SetAutoHead(true) from macaron was used).

This Change will restore the previous behaviour.

@faridtsl
Adding Chi's GetHead middleware
86d398a 
Before moving to Chi, HEAD requests were automatically answered by GET
handlers (SetAutoHead(true) from macaron was used).

This Change will restore the previous behaviour.
faridtsl added a commit to faridtsl/gitea that referenced this pull request Feb 1, 2021
@faridtsl
Add Content-Length header to HEAD requests
46122fe 
This change adds the header Content-Length to HEAD HTTP requests.

The previous behaviour was blocking some Windows executables (i.e
bitsadmin.exe) from downloading files hosted in Gitea.

This along with PR go-gitea#14541, makes the web server compliant with HTTP RFC 2616 which states
"The methods GET and HEAD MUST be supported by all general-purpose servers"
and
"The HEAD method is identical to GET except that the server MUST NOT return a message-body in the response."

This should also respond to issues go-gitea#8030 and go-gitea#14532.
@faridtsl faridtsl mentioned this pull request Feb 1, 2021
Merged
@GiteaBot GiteaBot added the lgtm/need 1 This PR needs approval from one additional maintainer to be merged. label Feb 1, 2021
@6543 6543 added type/bug skip-changelog This PR is irrelevant for the (next) changelog, for example bug fixes for unreleased features. labels Feb 1, 2021
@6543 6543 added this to the 1.14.0 milestone Feb 1, 2021
@GiteaBot GiteaBot added lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. and removed lgtm/need 1 This PR needs approval from one additional maintainer to be merged. labels Feb 2, 2021
@lafriks
Copy link
Member

lafriks commented Feb 2, 2021

🚀

@lafriks lafriks merged commit 1737a76 into go-gitea:master Feb 2, 2021
a1012112796 added a commit to a1012112796/gitea that referenced this pull request Feb 3, 2021
@a1012112796
Merge branch 'master' into feature/dismissing_reviews
d017a10 
* master: (28 commits)
  [Docs] Clone filters (go-gitea#14555)
  update docs to show latest stable version (1.13.2) (go-gitea#14550)
  Adding Chi's GetHead middleware (go-gitea#14541)
  Changelog v1.13.2 (go-gitea#14535) (go-gitea#14543)
  [skip ci] Updated translations via Crowdin
  [API] List, Check, Add & delete endpoints for repository teams (go-gitea#13630)
  [skip ci] Updated translations via Crowdin
  rm redirect (go-gitea#14534)
  Upgrade 'css-minimizer-webpack-plugin' to the latest version (go-gitea#14527)
  Set the name Mapper in migrations (go-gitea#14526)
  Internal ssh server respect Ciphers, MACs and KeyExchanges settings (go-gitea#14523)
  Move middlewares to web/middleware (go-gitea#14480)
  Add Doctor FixWrongUserType (go-gitea#14522)
  [skip ci] Updated translations via Crowdin
  noop (go-gitea#14521)
  Update docs and comments to remove macaron (go-gitea#14491)
  [skip ci] Updated translations via Crowdin
  Fix json charset bug (go-gitea#14514)
  enhancement: add signoff option in commit form (go-gitea#14516)
  Fix load time bug (go-gitea#14508)
  ...
@6543 6543 mentioned this pull request Feb 5, 2021
Closed
6543 pushed a commit that referenced this pull request Feb 5, 2021
@faridtsl @zeripath
Add Content-Length header to HEAD requests (#14542)
f72ce26 
* Add Content-Length header to HEAD requests

This change adds the header Content-Length to HEAD HTTP requests.

The previous behaviour was blocking some Windows executables (i.e
bitsadmin.exe) from downloading files hosted in Gitea.

This along with PR #14541, makes the web server compliant with HTTP RFC 2616 which states
"The methods GET and HEAD MUST be supported by all general-purpose servers"
and
"The HEAD method is identical to GET except that the server MUST NOT return a message-body in the response."

This should also respond to issues #8030 and #14532.

* This change adds the header Content-Length to HEAD HTTP requests

Pass the Size of the content as a parameter to ServeData() instead of
calculating it using ioutil.ReadAll(reader) --> this call is dangerous
and can result in a denial of service.

* Add Content-Length header to HEAD requests

Quick fix for imported dependency not used.

* Check if size is positiv int ...

Co-authored-by: zeripath <art27@cantab.net>
@go-gitea go-gitea locked and limited conversation to collaborators Mar 11, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@lunny lunny lunny approved these changes

@zeripath zeripath zeripath approved these changes

Assignees
No one assigned
Labels
lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. skip-changelog This PR is irrelevant for the (next) changelog, for example bug fixes for unreleased features. type/bug
Projects
None yet
Milestone
1.14.0
Development

Successfully merging this pull request may close these issues.
6 participants
@faridtsl @lafriks @lunny @zeripath @GiteaBot @6543