com.atlassian.confluence.servlet.download

Class AbstractAttachmentDownloadStrategy

java.lang.Object

com.atlassian.confluence.servlet.download.AbstractAttachmentDownloadStrategy

All Implemented Interfaces:

com.atlassian.plugin.servlet.DownloadStrategy

Direct Known Subclasses:

RedirectToFileStoreAttachmentDownload, ServeAfterTransactionDownload

public abstract class AbstractAttachmentDownloadStrategy
extends Object
implements com.atlassian.plugin.servlet.DownloadStrategy

Field Summary

Fields

Modifier and Type	Field and Description
protected static String	ATTACHMENT_DOWNLOAD_PATH_PREFIX
protected static String	THUMBNAIL_DOWNLOAD_PATH_PREFIX

Constructor Summary

Constructors

Constructor and Description
AbstractAttachmentDownloadStrategy()

Method Summary

Modifier and Type	Method and Description
protected String	getDecodedPath(javax.servlet.http.HttpServletRequest request) Retrieves the url decoded path of the attachment.
protected void	handleDownloadResourceNotFoundException(javax.servlet.http.HttpServletResponse response)
protected void	handleUnauthorizedDownloadResourceException(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface com.atlassian.plugin.servlet.DownloadStrategy

matches, serveFile

Field Detail

ATTACHMENT_DOWNLOAD_PATH_PREFIX

protected static final String ATTACHMENT_DOWNLOAD_PATH_PREFIX

See Also:

Constant Field Values

THUMBNAIL_DOWNLOAD_PATH_PREFIX

protected static final String THUMBNAIL_DOWNLOAD_PATH_PREFIX

See Also:

Constant Field Values

Constructor Detail

AbstractAttachmentDownloadStrategy

public AbstractAttachmentDownloadStrategy()

Method Detail

getDecodedPath

protected String getDecodedPath(javax.servlet.http.HttpServletRequest request)

Retrieves the url decoded path of the attachment.

This operation is potentially problematic because it is possible that some web server in front of us already url decoded the URL before us. The apache httpd mod_jk module does that for instance. We cannot just pass the string as already decoded, because mod_jk by default just partially decodes the URL before forwarding it to Tomcat.

Double decoding is not an issue except for plus signs. '%2B' decodes to '+' which decodes to ' '. We therefore re-encode any plus sign again to safely decode the path (We encounter a '+' sign if mod_jk already decoded %2B).

In the case where no Apache is sitting in front of Tomcat it is not possible that the path contains a plus sign because Confluence escapes plus signs in the filename as '%2B' and escapes spaces as '%20'. Therefore we can assume that any plus character in the filename was caused by URL decoding by a web server in front of our Tomcat instance.

In order to keep backwards compability with existing old links, we only re-encode the '+' sign when the v2 api revision parameter is set.

See CONF-22338 for an issue that was caused by this.

Parameters:

request -

Returns:

handleDownloadResourceNotFoundException

protected void handleDownloadResourceNotFoundException(javax.servlet.http.HttpServletResponse response)
                                                throws IOException

Throws:

IOException

handleUnauthorizedDownloadResourceException

protected void handleUnauthorizedDownloadResourceException(javax.servlet.http.HttpServletRequest request,
                                                           javax.servlet.http.HttpServletResponse response)
                                                    throws IOException

Throws:

IOException