aboutsummaryrefslogtreecommitdiffstats
path: root/activestorage/lib/active_storage/service/gcs_service.rb
diff options
context:
space:
mode:
Diffstat (limited to 'activestorage/lib/active_storage/service/gcs_service.rb')
-rw-r--r--activestorage/lib/active_storage/service/gcs_service.rb24
1 files changed, 16 insertions, 8 deletions
diff --git a/activestorage/lib/active_storage/service/gcs_service.rb b/activestorage/lib/active_storage/service/gcs_service.rb
index 18c0f14cfc..e2590aa35d 100644
--- a/activestorage/lib/active_storage/service/gcs_service.rb
+++ b/activestorage/lib/active_storage/service/gcs_service.rb
@@ -11,16 +11,15 @@ module ActiveStorage
@config = config
end
- def upload(key, io, checksum: nil)
+ def upload(key, io, checksum: nil, content_type: nil, disposition: nil, filename: nil)
instrument :upload, key: key, checksum: checksum do
begin
- # The official GCS client library doesn't allow us to create a file with no Content-Type metadata.
- # We need the file we create to have no Content-Type so we can control it via the response-content-type
- # param in signed URLs. Workaround: let the GCS client create the file with an inferred
- # Content-Type (usually "application/octet-stream") then clear it.
- bucket.create_file(io, key, md5: checksum).update do |file|
- file.content_type = nil
- end
+ # GCS's signed URLs don't include params such as response-content-type response-content_disposition
+ # in the signature, which means an attacker can modify them and bypass our effort to force these to
+ # binary and attachment when the file's content type requires it. The only way to force them is to
+ # store them as object's metadata.
+ content_disposition = content_disposition_with(type: disposition, filename: filename) if disposition && filename
+ bucket.create_file(io, key, md5: checksum, content_type: content_type, content_disposition: content_disposition)
rescue Google::Cloud::InvalidArgumentError
raise ActiveStorage::IntegrityError
end
@@ -43,6 +42,15 @@ module ActiveStorage
end
end
+ def update_metadata(key, content_type:, disposition: nil, filename: nil)
+ instrument :update_metadata, key: key, content_type: content_type, disposition: disposition do
+ file_for(key).update do |file|
+ file.content_type = content_type
+ file.content_disposition = content_disposition_with(type: disposition, filename: filename) if disposition && filename
+ end
+ end
+ end
+
def download_chunk(key, range)
instrument :download_chunk, key: key, range: range do
begin
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-09 04:34:11 +0000