fix: [API] Cleanup compression marks added by Apache from Etag

2024-03-22 16:32:38 +01:00 · 2024-03-22 16:32:38 +01:00 · 0763b826cf
parent 317fd056b4
commit 0763b826cf
1 changed files with 25 additions and 4 deletions
--- a/app/Controller/Component/RestResponseComponent.php
+++ b/app/Controller/Component/RestResponseComponent.php
@ -671,9 +671,10 @@ class RestResponseComponent extends Component
        }

        if ($response instanceof TmpFileTool) {
-            if (isset($_SERVER['HTTP_IF_NONE_MATCH'])) {
+            $requestEtag = $this->requestEtag();
+            if ($requestEtag !== null) {
                $etag = '"' . $response->hash('sha1') . '"';
-                if ($_SERVER['HTTP_IF_NONE_MATCH'] === $etag) {
+                if ($requestEtag === $etag) {
                    return new CakeResponse(['status' => 304]);
                }
                $headers['ETag'] = $etag;
@ -689,9 +690,10 @@ class RestResponseComponent extends Component
            }
        } else {
            // Check if resource was changed when `If-None-Match` header is send and return 304 Not Modified
-            if (isset($_SERVER['HTTP_IF_NONE_MATCH'])) {
+            $requestEtag = $this->requestEtag();
+            if ($requestEtag !== null) {
                $etag = '"' . sha1($response) . '"';
-                if ($_SERVER['HTTP_IF_NONE_MATCH'] === $etag) {
+                if ($requestEtag === $etag) {
                    return new CakeResponse(['status' => 304]);
                }
                // Generate etag just when HTTP_IF_NONE_MATCH is set
@ -724,6 +726,25 @@ class RestResponseComponent extends Component
        return $cakeResponse;
    }

+    /**
+     * Return etag from If-None-Match HTTP request header without compression marks added by Apache
+     * @return string|null
+     */
+    private function requestEtag()
+    {
+        if (isset($_SERVER['HTTP_IF_NONE_MATCH'])) {
+            // Remove compression marks that adds Apache for compressed content
+            $requestEtag = $_SERVER['HTTP_IF_NONE_MATCH'];
+            $etagWithoutQuotes = trim($requestEtag, '"');
+            $dashPos = strrpos($etagWithoutQuotes, '-');
+            if ($dashPos && in_array(substr($etagWithoutQuotes, $dashPos + 1), ['br', 'gzip'], true)) {
+                return '"' . substr($etagWithoutQuotes, 0, $dashPos) . '"';
+            }
+            return $requestEtag;
+        }
+        return null;
+    }
+
    /**
     * @param string $response
     * @return string Signature as base64 encoded string