call WriteHeader after last change to header map (#542)

* call WriteHeader after last change to header map

* fix reader/decryptionReader
This commit is contained in:
Andrea Spacca 2023-04-05 23:30:58 +09:00 committed by GitHub
parent 3dcbfe2e4d
commit a5dacb36a9
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -1232,16 +1232,8 @@ func (s *Server) getHandler(w http.ResponseWriter, r *http.Request) {
w.Header().Set("X-Remaining-Downloads", remainingDownloads)
w.Header().Set("X-Remaining-Days", remainingDays)
if rng != nil && rng.ContentRange() != "" {
w.WriteHeader(http.StatusPartialContent)
}
if disposition == "inline" && canContainsXSS(contentType) {
reader = io.NopCloser(bluemonday.UGCPolicy().SanitizeReader(reader))
}
password := r.Header.Get("X-Decrypt-Password")
decryptionReader, err := attachDecryptionReader(reader, password)
reader, err = attachDecryptionReader(reader, password)
if err != nil {
http.Error(w, "Could not decrypt file", http.StatusInternalServerError)
return
@ -1256,7 +1248,15 @@ func (s *Server) getHandler(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Content-Length", strconv.FormatUint(contentLength, 10))
w.Header().Set("Vary", "Range, Referer, X-Decrypt-Password")
if _, err = io.Copy(w, decryptionReader); err != nil {
if rng != nil && rng.ContentRange() != "" {
w.WriteHeader(http.StatusPartialContent)
}
if disposition == "inline" && canContainsXSS(contentType) {
reader = io.NopCloser(bluemonday.UGCPolicy().SanitizeReader(reader))
}
if _, err = io.Copy(w, reader); err != nil {
s.logger.Printf("%s", err.Error())
http.Error(w, "Error occurred copying to output stream", http.StatusInternalServerError)
return