84 | | # Figure out the size of the requested chunk |
85 | | ($start, $end) = $ENV{'HTTP_RANGE'} =~ /bytes\W+(\d*)-(\d*)\W*$/; |
86 | | if ($end < 1 || $end > $size) { |
87 | | $end = $size; |
88 | | } |
89 | | $size = $end - $start+1; |
90 | | if ($read_size > $size) { |
91 | | $read_size = $size; |
92 | | } |
93 | | print header(-status => "206 Partial Content", |
94 | | -type => $type, |
95 | | -Content_length => $size, |
96 | | -Accept_Ranges => 'bytes', |
97 | | -Content_Range => "bytes $start-$end/$total_size", |
98 | | -Last_Modified => time2str($mtime), |
99 | | -Content_disposition => " attachment; filename=\"$name.$suffix\"" |
100 | | ); |
101 | | } |
102 | | else { |
| 106 | my $http_range = $ENV{'HTTP_RANGE'}; |
| 107 | $http_range =~ s/\s*//g; # Draft doesn't /forbid/ spaces. |
| 108 | # Anything but a bytes request is either malicious or very confused. |
| 109 | unless ($http_range =~ s/^bytes=//i) { |
| 110 | print header(-status => "400 Bad Request (malformed range retrieval)" |
| 111 | ); |
| 112 | exit; |
| 113 | } |
| 114 | # By this point, $http_range should mostly contain comma-separated ranges. |
| 115 | |
| 116 | # The draft spec doesn't specify an upper limit to the number of chunks, but |
| 117 | # we darn well will--especially since nothing currently asks for more than one. |
| 118 | my @chunks = split(/,/, $http_range, 101); |
| 119 | unless (scalar(@chunks)) { |
| 120 | print header(-status => "400 Bad Request (missing range retrieval)" |
| 121 | ); |
| 122 | exit; |
| 123 | } elsif (scalar(@chunks) == 101) { |
| 124 | print header(-status => "400 Bad Request (ridiculous range retrieval)" |
| 125 | ); |
| 126 | exit; |
| 127 | } |
| 128 | |
| 129 | # This is part sanity check, part precomputation of values which will be stacked |
| 130 | # into a nice array of array refs. |
| 131 | my @refs; |
| 132 | foreach (@chunks) { |
| 133 | unless (/(\d+-|-\d+|\d+-\d+)/) { |
| 134 | print header(-status => "400 Bad Request (incoherent range retrieval)" |
| 135 | ); |
| 136 | exit; |
| 137 | } |
| 138 | if ((defined $start) && (defined $end) && ($start > $end)) { |
| 139 | print header(-status => "400 Bad Request (absurd range retrieval)" |
| 140 | ); |
| 141 | exit; |
| 142 | } |
| 143 | |
| 144 | # Technically this counts as de-tainting, if a bit overkill |
| 145 | my ($start, $end) = shift(@chunks) =~ /(\d*)-(\d*)/; |
| 146 | # Now to determine what type of range request we're looking at. |
| 147 | if (defined $start) { |
| 148 | # So, at least the starting offset is straightforward. |
| 149 | unless ($end) { |
| 150 | # From offset to the end of the file, wherever that is. |
| 151 | push(@refs, [$start, $size - 1]); |
| 152 | } else { |
| 153 | # A decent, wholesome, upstanding range request. |
| 154 | push(@refs, [$start, $end]); |
| 155 | } |
| 156 | } else { |
| 157 | # No start value means this is asking for the tail end of the file. |
| 158 | if ($end > $size - 1) { |
| 159 | # This request is larger than the file, but still salvageable. |
| 160 | push(@refs, [0, $size - 1]); |
| 161 | } else { |
| 162 | # This is a normal request for the last $end bytes of the file. |
| 163 | push(@refs, [$size - 1 - $end, $size - 1]); |
| 164 | } |
| 165 | } |
| 166 | } |
| 167 | |
| 168 | if (scalar(@refs) == 1) { |
| 169 | # Single-part range request |
| 170 | my ($start, $end) = @{$refs[0]}; |
| 171 | my $chunk_size = $end - $start + 1; |
| 172 | print header(-status => "206 Partial Content", |
| 173 | -type => $type, |
| 174 | -Content_length => $chunk_size, |
| 175 | -Accept_Ranges => 'bytes', |
| 176 | -Content_Range => "bytes $start-$end/$total_size", |
| 177 | -Last_Modified => time2str($mtime), |
| 178 | -Content_disposition => " attachment; filename=\"$name.$suffix\"" |
| 179 | ); |
| 180 | deliver_chunk($start, $end); |
| 181 | } else { |
| 182 | # Multi-part range request, which will probably never be used but hey... |
| 183 | # since we're already here, might as well take a whack at it. |
| 184 | # As weakly documented as this is defined, it may or may not work. |
| 185 | print header(-status => "206 Partial Content", |
| 186 | -type => "multipart/x-byteranges", |
| 187 | -Last_Modified => time2str($mtime), |
| 188 | -Accept_Ranges => 'bytes', # Questionable utility |
| 189 | ); |
| 190 | print multipart_init; |
| 191 | my $laziness; |
| 192 | foreach $ref (@refs) { |
| 193 | if ($laziness) { |
| 194 | print multipart_end; |
| 195 | } else { |
| 196 | $laziness=1; |
| 197 | } |
| 198 | my ($start, $end) = @{$ref}; |
| 199 | my $chunk_size = $end - $start + 1; |
| 200 | print multipart_start(-type => $type, |
| 201 | -Content_Range => "bytes $start-$end/$total_size" |
| 202 | ); |
| 203 | deliver_chunk($start, $end); |
| 204 | } |
| 205 | print multipart_final; |
| 206 | } |
| 207 | |
| 208 | } else { |