feat: open file original in a new tab via authenticated direct link
The file viewer's preview is now a real link (target=_blank) to the original, instead of fetching it into a blob. A navigation can't send the auth header, so the access token rides in the query — the auth middleware accepts ?access_token= as a fallback, but only for GET, so a crafted link can't drive a mutation.

GetContent gains an ?inline=1 toggle (Content-Disposition: inline) so the tab views the original instead of downloading it; download stays the default.

Documented in openapi.yaml; TestMediaQueryTokenAuth covers GET-with-query-token (200), missing token (401) and query-token rejected on a non-GET (401).

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
@@ -402,9 +402,14 @@ func (h *FileHandler) GetContent(c *gin.Context) {
|
||||
|
||||
c.Header("Content-Type", res.MIMEType)
|
||||
c.Header("Cache-Control", "private, max-age=3600")
|
||||
// Default to attachment (download); ?inline=1 serves it for in-tab viewing.
|
||||
disposition := "attachment"
|
||||
if c.Query("inline") == "1" {
|
||||
disposition = "inline"
|
||||
}
|
||||
if res.OriginalName != nil {
|
||||
c.Header("Content-Disposition",
|
||||
fmt.Sprintf("attachment; filename=%q", *res.OriginalName))
|
||||
fmt.Sprintf("%s; filename=%q", disposition, *res.OriginalName))
|
||||
}
|
||||
c.Status(http.StatusOK)
|
||||
io.Copy(c.Writer, res.Body) //nolint:errcheck
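Review bot: the `inline` branch hands the browser whatever `Content-Type` was stored for the upload (`c.Header("Content-Type", res.MIMEType)`), so an uploaded HTML or SVG file opened via `?inline=1` is rendered in the app's origin and any script it contains runs with the viewer's session. Suggest honouring `inline` only for an allowlist of render-safe types (images, video, PDF) and keeping `attachment` for everything else, and setting `X-Content-Type-Options: nosniff` together with a restrictive `Content-Security-Policy` (for example `sandbox`) on this response. Since the link now carries the access token in the query string, which ends up in browser history and server logs, the token accepted there should be short-lived and scoped to GET content rather than the user's full session token.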