admin/brew
1
0
Fork 0
Code Issues Packages Projects Releases 6 Wiki Activity

Merge pull request #14829 from gibfahn/incorrect_headers

Browse Source 
download_strategy: handle incorrectly quoted filename* headers
This commit is contained in:
Mike McQuaid 2023-03-08 13:07:07 +00:00 committed by GitHub
commit b6b30667f0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 7 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
Library/Homebrew/download_strategy.rb
View File

@ -483,7 +483,13 @@ class CurlDownloadStrategy < AbstractFileDownloadStrategy
if (filename_with_encoding = content_disposition.parameters["filename*"]) if (filename_with_encoding = content_disposition.parameters["filename*"])
encoding, encoded_filename = filename_with_encoding.split("''", 2) encoding, encoded_filename = filename_with_encoding.split("''", 2)
filename = URI.decode_www_form_component(encoded_filename).encode(encoding) if encoding && encoded_filename # If the `filename*` has incorrectly added double quotes, e.g.
# content-disposition: attachment; filename="myapp-1.2.3.pkg"; filename*=UTF-8''"myapp-1.2.3.pkg"
# Then the encoded_filename will come back as the empty string, in which case we should fall back to the
# `filename` parameter.
if encoding.present? && encoded_filename.present?
filename = URI.decode_www_form_component(encoded_filename).encode(encoding)
end
end end
# Servers may include '/' in their Content-Disposition filename header. Take only the basename of this, because: # Servers may include '/' in their Content-Disposition filename header. Take only the basename of this, because: