From 6f31218ecc9170daf2f907a1f98d423ba73eb2d8 Mon Sep 17 00:00:00 2001 From: Douglas Christopher Wilson Date: Fri, 17 Oct 2014 23:45:58 -0400 Subject: [PATCH] Use content-disposition module --- History.md | 3 +++ lib/response.js | 10 +++++++--- lib/utils.js | 16 ++++------------ package.json | 1 + test/res.attachment.js | 6 ++---- 5 files changed, 17 insertions(+), 19 deletions(-) diff --git a/History.md b/History.md index dcf9ca33..eed38323 100644 --- a/History.md +++ b/History.md @@ -1,6 +1,9 @@ unreleased ========== + * Use `content-disposition` module for `res.attachment`/`res.download` + - Sends standards-compliant `Content-Disposition` header + - Full Unicode support * deps: etag@~1.5.0 - Improve string performance - Slightly improve speed for weak ETags over 1KB diff --git a/lib/response.js b/lib/response.js index c26f68ac..5ba7aaf9 100644 --- a/lib/response.js +++ b/lib/response.js @@ -2,6 +2,7 @@ * Module dependencies. */ +var contentDisposition = require('content-disposition'); var deprecate = require('depd')('express'); var escapeHtml = require('escape-html'); var http = require('http'); @@ -13,7 +14,6 @@ var sign = require('cookie-signature').sign; var normalizeType = require('./utils').normalizeType; var normalizeTypes = require('./utils').normalizeTypes; var setCharset = require('./utils').setCharset; -var contentDisposition = require('./utils').contentDisposition; var statusCodes = http.STATUS_CODES; var cookie = require('cookie'); var send = require('send'); @@ -626,9 +626,13 @@ res.format = function(obj){ * @api public */ -res.attachment = function(filename){ - if (filename) this.type(extname(filename)); +res.attachment = function attachment(filename) { + if (filename) { + this.type(extname(filename)); + } + this.set('Content-Disposition', contentDisposition(filename)); + return this; }; diff --git a/lib/utils.js b/lib/utils.js index 8dd29664..4f7b365f 100644 --- a/lib/utils.js +++ b/lib/utils.js @@ -2,6 +2,8 @@ * Module dependencies. */ +var contentDisposition = require('content-disposition'); +var deprecate = require('depd')('express'); var mime = require('send').mime; var basename = require('path').basename; var etag = require('etag'); @@ -120,18 +122,8 @@ exports.normalizeTypes = function(types){ * @api private */ -exports.contentDisposition = function(filename){ - var ret = 'attachment'; - if (filename) { - filename = basename(filename); - // if filename contains non-ascii characters, add a utf-8 version ala RFC 5987 - ret = /[^\040-\176]/.test(filename) - ? 'attachment; filename="' + encodeURI(filename) + '"; filename*=UTF-8\'\'' + encodeURI(filename) - : 'attachment; filename="' + filename + '"'; - } - - return ret; -}; +exports.contentDisposition = deprecate.function(contentDisposition, + 'utils.contentDisposition: use content-disposition npm module instead'); /** * Parse accept params `str` returning an diff --git a/package.json b/package.json index e4a4bde0..d78c88ce 100644 --- a/package.json +++ b/package.json @@ -28,6 +28,7 @@ "homepage": "http://expressjs.com/", "dependencies": { "accepts": "~1.1.2", + "content-disposition": "0.5.0", "cookie-signature": "1.0.5", "debug": "~2.0.0", "depd": "0.4.5", diff --git a/test/res.attachment.js b/test/res.attachment.js index be189344..662b1dd4 100644 --- a/test/res.attachment.js +++ b/test/res.attachment.js @@ -56,10 +56,8 @@ describe('res', function(){ request(app) .get('/') - .expect('Content-Disposition', 'attachment;' + - ' filename="%E6%97%A5%E6%9C%AC%E8%AA%9E.txt";' + - ' filename*=UTF-8\'\'%E6%97%A5%E6%9C%AC%E8%AA%9E.txt', - done); + .expect('Content-Disposition', 'attachment; filename="???.txt"; filename*=UTF-8\'\'%E6%97%A5%E6%9C%AC%E8%AA%9E.txt') + .expect(200, done); }) it('should set the Content-Type', function(done){