projects / arvados.git / blobdiff
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
10111: Merge branch 'master' into 10111-cr-provenance-graph
[arvados.git] / services / keep-web / handler.go
diff --git a/services/keep-web/handler.go b/services/keep-web/handler.go
index 8dee88d485e40003b1c4f70d3f1cf86354a67a9e..620ed9cfb4ee115a10e573fcd4420584730a7e9f 100644 (file)
--- a/services/keep-web/handler.go
+++ b/services/keep-web/handler.go
@@ -4,7 +4,6 @@ import (
        "fmt"
        "html"
        "io"
-       "mime"
        "net/http"
        "net/url"
        "os"
@@ -95,6 +94,20 @@ func (h *handler) ServeHTTP(wOrig http.ResponseWriter, r *http.Request) {
                httpserver.Log(remoteAddr, statusCode, statusText, w.WroteBodyBytes(), r.Method, r.Host, r.URL.Path, r.URL.RawQuery)
        }()
 
+       if r.Method == "OPTIONS" {
+               method := r.Header.Get("Access-Control-Request-Method")
+               if method != "GET" && method != "POST" {
+                       statusCode = http.StatusMethodNotAllowed
+                       return
+               }
+               w.Header().Set("Access-Control-Allow-Headers", "Range")
+               w.Header().Set("Access-Control-Allow-Methods", "GET, POST")
+               w.Header().Set("Access-Control-Allow-Origin", "*")
+               w.Header().Set("Access-Control-Max-Age", "86400")
+               statusCode = http.StatusOK
+               return
+       }
+
        if r.Method != "GET" && r.Method != "POST" {
                statusCode, statusText = http.StatusMethodNotAllowed, r.Method
                return
@@ -144,17 +157,19 @@ func (h *handler) ServeHTTP(wOrig http.ResponseWriter, r *http.Request) {
        } else if len(pathParts) >= 3 && pathParts[0] == "collections" {
                if len(pathParts) >= 5 && pathParts[1] == "download" {
                        // /collections/download/ID/TOKEN/PATH...
-                       targetID = pathParts[2]
+                       targetID = parseCollectionIDFromURL(pathParts[2])
                        tokens = []string{pathParts[3]}
                        targetPath = pathParts[4:]
                        pathToken = true
                } else {
                        // /collections/ID/PATH...
-                       targetID = pathParts[1]
+                       targetID = parseCollectionIDFromURL(pathParts[1])
                        tokens = h.Config.AnonymousTokens
                        targetPath = pathParts[2:]
                }
-       } else {
+       }
+
+       if targetID == "" {
                statusCode = http.StatusNotFound
                return
        }
@@ -336,29 +351,15 @@ func (h *handler) ServeHTTP(wOrig http.ResponseWriter, r *http.Request) {
        }
        defer rdr.Close()
 
-       basenamePos := strings.LastIndex(filename, "/")
-       if basenamePos < 0 {
-               basenamePos = 0
-       }
-       extPos := strings.LastIndex(filename, ".")
-       if extPos > basenamePos {
-               // Now extPos is safely >= 0.
-               if t := mime.TypeByExtension(filename[extPos:]); t != "" {
-                       w.Header().Set("Content-Type", t)
-               }
-       }
-       if rdr, ok := rdr.(keepclient.Reader); ok {
-               w.Header().Set("Content-Length", fmt.Sprintf("%d", rdr.Len()))
-       }
-
-       applyContentDispositionHdr(w, r, filename[basenamePos:], attachment)
+       basename := path.Base(filename)
+       applyContentDispositionHdr(w, r, basename, attachment)
 
        modstr, _ := collection["modified_at"].(string)
        modtime, err := time.Parse(time.RFC3339Nano, modstr)
        if err != nil {
                modtime = time.Now()
        }
-       http.ServeContent(w, r, path.Base(filename), modtime, rdr)
+       http.ServeContent(w, r, basename, modtime, rdr)
 }
 
 func applyContentDispositionHdr(w http.ResponseWriter, r *http.Request, filename string, isAttachment bool) {