Changeset View
Changeset View
Standalone View
Standalone View
src/applications/celerity/controller/CelerityResourceController.php
| Context not available. | |||||
| // Sanity checking to keep this from exposing anything sensitive, since it | // Sanity checking to keep this from exposing anything sensitive, since it | ||||
| // ultimately boils down to disk reads. | // ultimately boils down to disk reads. | ||||
| if (preg_match('@(//|\.\.)@', $path)) { | if (@preg_match('@(//|\.\.)@', $path)) { | ||||
| return new Aphront400Response(); | return new Aphront400Response(); | ||||
| } | } | ||||
| Context not available. | |||||
| $range = AphrontRequest::getHTTPHeader('Range'); | $range = AphrontRequest::getHTTPHeader('Range'); | ||||
| if (strlen($range)) { | if (@strlen($range)) { | ||||
| $response->setContentLength(strlen($data)); | $response->setContentLength(@strlen($data)); | ||||
| list($range_begin, $range_end) = $response->parseHTTPRange($range); | list($range_begin, $range_end) = $response->parseHTTPRange($range); | ||||
| if ($range_begin !== null) { | if ($range_begin !== null) { | ||||
| if ($range_end !== null) { | if ($range_end !== null) { | ||||
| $data = substr($data, $range_begin, ($range_end - $range_begin)); | $data = @substr($data, $range_begin, ($range_end - $range_begin)); | ||||
| } else { | } else { | ||||
| $data = substr($data, $range_begin); | $data = @substr($data, $range_begin); | ||||
| } | } | ||||
| } | } | ||||
| Context not available. | |||||
Content licensed under Creative Commons Attribution-ShareAlike 4.0 (CC-BY-SA) unless otherwise noted; code licensed under Apache 2.0 or other open source licenses. · CC BY-SA 4.0 · Apache 2.0