1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Fixed [minor improment] ETag header should be quoted-string

Discussion in 'Resolved Bug Reports' started by Gia Bảo, Mar 14, 2014.

  1. Gia Bảo

    Gia Bảo Member

    ETag HTTP header XF controller Attachment (Public & Admin) is just $attachment['attach_date'] without quotes.
    Arcoding to RFC2612#sec3.11, this is not a valid ETag header.
    This issue can be fixed by apply the following patches:

    Left base folder: /xenforo_1.2.5_x_full.zip
    Right base folder: /xf_modified
    diff -r upload/library/XenForo/ControllerAdmin/Attachment.php upload/library/XenForo/ControllerAdmin/Attachment.php
    187c187
    < if ($eTag && $eTag == $attachment['attach_date'])
    ---
    > if ($eTag && $eTag == '"'.$attachment['attach_date'].'"')

    diff -r upload/library/XenForo/ControllerPublic/Attachment.php upload/library/XenForo/ControllerPublic/Attachment.php
    40c40
    < if ($eTag && $eTag == $attachment['attach_date'])
    ---
    > if ($eTag && $eTag == '"'.$attachment['attach_date'].'"')

    diff -r upload/library/XenForo/ViewAdmin/Attachment/View.php upload/library/XenForo/ViewAdmin/Attachment/View.php
    35c35
    < $this->_response->setHeader('ETag', $attachment['attach_date'], true);
    ---
    > $this->_response->setHeader('ETag', '"'.$attachment['attach_date'].'"', true);

    diff -r upload/library/XenForo/ViewPublic/Attachment/View.php upload/library/XenForo/ViewPublic/Attachment/View.php
    34c34
    < $this->_response->setHeader('ETag', $attachment['attach_date'], true);
    ---
    > $this->_response->setHeader('ETag', '"'.$attachment['attach_date'].'"', true);
     
    Last edited by a moderator: Mar 14, 2014
  2. Gia Bảo

    Gia Bảo Member

    The attachment is a diff file againt XF 1.3.0

    Note that, I change file library/Sabre/Sabre/DAV/FSExt/File.php. The newer version of Sabre also change like that.
     

    Attached Files:

  3. Mike

    Mike XenForo Developer Staff Member

    Good catch, I've fixed this now.
     

Share This Page