Description:
fixed X-Sendfile restriction on output download
Commit status:
[Not Reviewed]
References:
Diff options:
Comments:
0 Commit comments
0 Inline Comments
Unresolved TODOs:
There are no unresolved TODOs
Author
Jittat Fakcharoenphol
-
r291:43d936feb73b - - 1 file changed: 9 inserted, 5 deleted
| @@ -110,101 +110,105 | |||
|
|
110 | 110 | @problems = @user.available_problems |
|
|
111 | 111 | if params[:id]==nil |
|
|
112 | 112 | @problem = nil |
|
|
113 | 113 | @submissions = nil |
|
|
114 | 114 | else |
|
|
115 | 115 | @problem = Problem.find_by_name(params[:id]) |
|
|
116 | 116 | if not @problem.available |
|
|
117 | 117 | redirect_to :action => 'list' |
|
|
118 | 118 | flash[:notice] = 'Error: submissions for that problem are not viewable.' |
|
|
119 | 119 | return |
|
|
120 | 120 | end |
|
|
121 | 121 | @submissions = Submission.find_all_by_user_problem(@user.id, @problem.id) |
|
|
122 | 122 | end |
|
|
123 | 123 | end |
|
|
124 | 124 | |
|
|
125 | 125 | def result |
|
|
126 | 126 | if !Configuration.show_grading_result |
|
|
127 | 127 | redirect_to :action => 'list' and return |
|
|
128 | 128 | end |
|
|
129 | 129 | @user = User.find(session[:user_id]) |
|
|
130 | 130 | @submission = Submission.find(params[:id]) |
|
|
131 | 131 | if @submission.user!=@user |
|
|
132 | 132 | flash[:notice] = 'You are not allowed to view result of other users.' |
|
|
133 | 133 | redirect_to :action => 'list' and return |
|
|
134 | 134 | end |
|
|
135 | 135 | prepare_grading_result(@submission) |
|
|
136 | 136 | end |
|
|
137 | 137 | |
|
|
138 | 138 | def load_output |
|
|
139 | 139 | if !Configuration.show_grading_result or params[:num]==nil |
|
|
140 | 140 | redirect_to :action => 'list' and return |
|
|
141 | 141 | end |
|
|
142 | 142 | @user = User.find(session[:user_id]) |
|
|
143 | 143 | @submission = Submission.find(params[:id]) |
|
|
144 | 144 | if @submission.user!=@user |
|
|
145 | 145 | flash[:notice] = 'You are not allowed to view result of other users.' |
|
|
146 | 146 | redirect_to :action => 'list' and return |
|
|
147 | 147 | end |
|
|
148 | 148 | case_num = params[:num].to_i |
|
|
149 | 149 | out_filename = output_filename(@user.login, |
|
|
150 | 150 | @submission.problem.name, |
|
|
151 | 151 | @submission.id, |
|
|
152 | 152 | case_num) |
|
|
153 | 153 | if !FileTest.exists?(out_filename) |
|
|
154 | 154 | flash[:notice] = 'Output not found.' |
|
|
155 | 155 | redirect_to :action => 'list' and return |
|
|
156 | 156 | end |
|
|
157 | 157 | |
|
|
158 | - response.headers['Content-Type'] = "application/force-download" | |
|
|
159 | - response.headers['Content-Disposition'] = "attachment; filename=\"output-#{case_num}.txt\"" | |
|
|
160 | - response.headers["X-Sendfile"] = out_filename | |
|
|
161 |
- response.headers[ |
|
|
|
162 | - render :nothing => true | |
|
|
158 | + if defined?(USE_APACHE_XSENDFILE) and USE_APACHE_XSENDFILE | |
|
|
159 | + response.headers['Content-Type'] = "application/force-download" | |
|
|
160 | + response.headers['Content-Disposition'] = "attachment; filename=\"output-#{case_num}.txt\"" | |
|
|
161 | + response.headers["X-Sendfile"] = out_filename | |
|
|
162 | + response.headers['Content-length'] = File.size(out_filename) | |
|
|
163 | + render :nothing => true | |
|
|
164 | + else | |
|
|
165 | + send_file out_filename, :stream => false, :filename => "output-#{case_num}.txt", :type => "text/plain" | |
|
|
166 | + end | |
|
|
163 | 167 | end |
|
|
164 | 168 | |
|
|
165 | 169 | def error |
|
|
166 | 170 | @user = User.find(session[:user_id]) |
|
|
167 | 171 | end |
|
|
168 | 172 | |
|
|
169 | 173 | # announcement refreshing and hiding methods |
|
|
170 | 174 | |
|
|
171 | 175 | def announcements |
|
|
172 | 176 | if params.has_key? 'recent' |
|
|
173 | 177 | prepare_announcements(params[:recent]) |
|
|
174 | 178 | else |
|
|
175 | 179 | prepare_announcements |
|
|
176 | 180 | end |
|
|
177 | 181 | render(:partial => 'announcement', |
|
|
178 | 182 | :collection => @announcements, |
|
|
179 | 183 | :locals => {:announcement_effect => true}) |
|
|
180 | 184 | end |
|
|
181 | 185 | |
|
|
182 | 186 | protected |
|
|
183 | 187 | |
|
|
184 | 188 | def prepare_announcements(recent=nil) |
|
|
185 | 189 | if Configuration.show_tasks_to?(@user) |
|
|
186 | 190 | @announcements = Announcement.find_published(true) |
|
|
187 | 191 | else |
|
|
188 | 192 | @announcements = Announcement.find_published |
|
|
189 | 193 | end |
|
|
190 | 194 | if recent!=nil |
|
|
191 | 195 | recent_id = recent.to_i |
|
|
192 | 196 | @announcements = @announcements.find_all { |a| a.id > recent_id } |
|
|
193 | 197 | end |
|
|
194 | 198 | end |
|
|
195 | 199 | |
|
|
196 | 200 | def prepare_list_information |
|
|
197 | 201 | @user = User.find(session[:user_id]) |
|
|
198 | 202 | if not Configuration.multicontests? |
|
|
199 | 203 | @problems = problem_list_for_user(@user) |
|
|
200 | 204 | else |
|
|
201 | 205 | @contest_problems = @user.available_problems_group_by_contests |
|
|
202 | 206 | @problems = @user.available_problems |
|
|
203 | 207 | end |
|
|
204 | 208 | @prob_submissions = {} |
|
|
205 | 209 | @problems.each do |p| |
|
|
206 | 210 | sub = Submission.find_last_by_user_and_problem(@user.id,p.id) |
|
|
207 | 211 | if sub!=nil |
|
|
208 | 212 | @prob_submissions[p.id] = { :count => sub.number, :submission => sub } |
|
|
209 | 213 | else |
|
|
210 | 214 | @prob_submissions[p.id] = { :count => 0, :submission => nil } |
You need to be logged in to leave comments.
Login now