Beispiel #1
0
def attachment_view(attachment_id, extension, savefile=False):
    """
    Abruf/Download eines Attachments
    """
    attachment_info = db.get_attachment(attachment_id)
    #pprint.pprint(attachment_info)
    if attachment_info is None:
        # TODO: Rendere informativere 404 Seite
        abort(404)
    # extension doesn't match file extension (avoiding arbitrary URLs)
    proper_extension = attachment_info['filename'].split('.')[-1]
    if proper_extension != extension:
        abort(404)

    # 'file' property is not set (e.g. due to depublication)
    if 'file' not in attachment_info:
        if 'depublication' in attachment_info:
            abort(410)  # Gone
        else:
            # TODO: log this as unexplicable...
            abort(500)

    # handle conditional GET
    if 'If-Modified-Since' in request.headers:
        file_date = attachment_info['file']['uploadDate'].replace(tzinfo=None)
        request_date = util.parse_rfc1123date(request.headers['If-Modified-Since'])
        difference = file_date - request_date
        if difference < datetime.timedelta(0, 1):  # 1 second
            return Response(status=304)

    #if 'if-none-match' in request.headers:
    #    print "Conditional GET: If-None-Match"
    # TODO: handle ETag in request

    handler = db.get_file(attachment_info['file']['_id'])
    response = make_response(handler.read(), 200)
    response.mimetype = attachment_info['mimetype']
    response.headers['X-Robots-Tag'] = 'noarchive'
    response.headers['ETag'] = attachment_info['sha1']
    response.headers['Last-modified'] = util.rfc1123date(
                    attachment_info['file']['uploadDate'])
    response.headers['Expires'] = util.expires_date(
                                        hours=(24 * 30))
    response.headers['Cache-Control'] = util.cache_max_age(
                                            hours=(24 * 30))
    # Save to file option
    if savefile == True:
        response.headers['Content-Disposition'] = 'attachment; filename=%s' % attachment_info['filename']
        response.headers['X-Robots-Tag'] = 'noindex'
        # See https://support.google.com/webmasters/answer/139394
        response.headers['Link'] = '<%sanhang/%s.%s>; rel="canonical"' % (
            app.config['BASE_URL'], attachment_id, extension)
    return response
Beispiel #2
0
def attachment_download(attachment_id, extension):
    """
    Download eines Attachments
    """
    attachment_info = db.get_attachment(attachment_id)
    #pprint.pprint(attachment_info)
    if attachment_info is None:
        # TODO: Rendere informativere 404 Seite
        abort(404)
    # extension doesn't match file extension (avoiding arbitrary URLs)
    proper_extension = attachment_info['filename'].split('.')[-1]
    if proper_extension != extension:
        abort(404)

    # 'file' property is not set (e.g. due to depublication)
    if 'file' not in attachment_info:
        if 'depublication' in attachment_info:
            abort(410)  # Gone
        else:
            # TODO: log this as unexplicable...
            abort(500)

    # handle conditional GET
    if 'If-Modified-Since' in request.headers:
        file_date = attachment_info['file']['uploadDate'].replace(tzinfo=None)
        request_date = util.parse_rfc1123date(request.headers['If-Modified-Since'])
        difference = file_date - request_date
        if difference < datetime.timedelta(0, 1):  # 1 second
            return Response(status=304)

    #if 'if-none-match' in request.headers:
    #    print "Conditional GET: If-None-Match"
    # TODO: handle ETag in request

    handler = db.get_file(attachment_info['file']['_id'])
    response = make_response(handler.read(), 200)
    response.mimetype = attachment_info['mimetype']
    response.headers['X-Robots-Tag'] = 'noarchive'
    response.headers['ETag'] = attachment_info['sha1']
    response.headers['Last-modified'] = util.rfc1123date(
                    attachment_info['file']['uploadDate'])
    response.headers['Expires'] = util.expires_date(
                                        hours=(24 * 30))
    response.headers['Cache-Control'] = util.cache_max_age(
                                            hours=(24 * 30))
    return response
Beispiel #3
0
def attachment_download(attachment_id, extension):
    """
    Download eines Attachments
    """
    attachment_info = db.get_attachment(attachment_id)
    #pprint.pprint(attachment_info)
    if attachment_info is None:
        # TODO: Rendere informativere 404 Seite
        abort(404)
    # extension doesn't match file extension (avoiding arbitrary URLs)
    proper_extension = attachment_info['filename'].split('.')[-1]
    if proper_extension != extension:
        abort(404)

    # 'file' property is not set (e.g. due to depublication)
    if 'file' not in attachment_info:
        if 'depublication' in attachment_info:
            abort(410)  # Gone
        else:
            # TODO: log this as unexplicable...
            abort(500)

    # handle conditional GET
    if 'If-Modified-Since' in request.headers:
        file_date = attachment_info['file']['uploadDate'].replace(tzinfo=None)
        request_date = util.parse_rfc1123date(
            request.headers['If-Modified-Since'])
        difference = file_date - request_date
        if difference < datetime.timedelta(0, 1):  # 1 second
            return Response(status=304)

    #if 'if-none-match' in request.headers:
    #    print "Conditional GET: If-None-Match"
    # TODO: handle ETag in request

    handler = db.get_file(attachment_info['file']['_id'])
    response = make_response(handler.read(), 200)
    response.mimetype = attachment_info['mimetype']
    response.headers['X-Robots-Tag'] = 'noarchive'
    response.headers['ETag'] = attachment_info['sha1']
    response.headers['Last-modified'] = util.rfc1123date(
        attachment_info['file']['uploadDate'])
    response.headers['Expires'] = util.expires_date(hours=(24 * 30))
    response.headers['Cache-Control'] = util.cache_max_age(hours=(24 * 30))
    return response