From 9dd28def67d7ece06f90f81c2c40fa00bdecd469 Mon Sep 17 00:00:00 2001 From: Tom Moor Date: Mon, 18 Jul 2022 21:49:13 +0100 Subject: [PATCH] fix: Force download of public attachments --- server/utils/s3.ts | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/server/utils/s3.ts b/server/utils/s3.ts index 160691db5269..0e21b809568f 100644 --- a/server/utils/s3.ts +++ b/server/utils/s3.ts @@ -1,8 +1,9 @@ import crypto from "crypto"; import util from "util"; -import AWS from "aws-sdk"; +import AWS, { S3 } from "aws-sdk"; import { addHours, format } from "date-fns"; import fetch from "fetch-with-proxy"; +import { compact } from "lodash"; import { useAgent } from "request-filtering-agent"; import { v4 as uuidv4 } from "uuid"; import env from "@server/env"; @@ -30,7 +31,11 @@ const s3 = new AWS.S3({ signatureVersion: "v4", }); -const createPresignedPost = util.promisify(s3.createPresignedPost).bind(s3); +const createPresignedPost: ( + params: S3.PresignedPost.Params +) => Promise = util + .promisify(s3.createPresignedPost) + .bind(s3); const hmac = ( key: string | Buffer, @@ -107,14 +112,15 @@ export const getPresignedPost = ( ) => { const params = { Bucket: process.env.AWS_S3_UPLOAD_BUCKET_NAME, - Conditions: [ + Conditions: compact([ process.env.AWS_S3_UPLOAD_MAX_SIZE ? ["content-length-range", 0, +process.env.AWS_S3_UPLOAD_MAX_SIZE] : undefined, ["starts-with", "$Content-Type", contentType], ["starts-with", "$Cache-Control", ""], - ].filter(Boolean), + ]), Fields: { + "Content-Disposition": "attachment", key, acl, }, @@ -164,6 +170,7 @@ export const uploadToS3FromBuffer = async ( Key: key, ContentType: contentType, ContentLength: buffer.length, + ContentDisposition: "attachment", Body: buffer, }) .promise(); @@ -197,6 +204,7 @@ export const uploadToS3FromUrl = async ( Key: key, ContentType: res.headers["content-type"], ContentLength: res.headers["content-length"], + ContentDisposition: "attachment", Body: buffer, }) .promise();