Merge pull request #4758 from BookStackApp/range_request_support

Range request support

Author: ssddanbrown

app/Config/filesystems.php

@@ -58,6 +58,7 @@
             'endpoint'                => env('STORAGE_S3_ENDPOINT', null),
             'use_path_style_endpoint' => env('STORAGE_S3_ENDPOINT', null) !== null,
             'throw'                   => true,
+            'stream_reads'            => false,
         ],
 
     ],

app/Http/DownloadResponseFactory.php

@@ -2,74 +2,68 @@
 
 namespace BookStack\Http;
 
-use BookStack\Util\WebSafeMimeSniffer;
 use Illuminate\Http\Request;
 use Illuminate\Http\Response;
 use Symfony\Component\HttpFoundation\StreamedResponse;
 
 class DownloadResponseFactory
 {
-    protected Request $request;
-
-    public function __construct(Request $request)
-    {
-        $this->request = $request;
+    public function __construct(
+        protected Request $request
+    ) {
     }
 
     /**
      * Create a response that directly forces a download in the browser.
      */
     public function directly(string $content, string $fileName): Response
     {
-        return response()->make($content, 200, $this->getHeaders($fileName));
+        return response()->make($content, 200, $this->getHeaders($fileName, strlen($content)));
     }
 
     /**
      * Create a response that forces a download, from a given stream of content.
      */
-    public function streamedDirectly($stream, string $fileName): StreamedResponse
+    public function streamedDirectly($stream, string $fileName, int $fileSize): StreamedResponse
     {
-        return response()->stream(function () use ($stream) {
-
-            // End & flush the output buffer, if we're in one, otherwise we still use memory.
-            // Output buffer may or may not exist depending on PHP `output_buffering` setting.
-            // Ignore in testing since output buffers are used to gather a response.
-            if (!empty(ob_get_status()) && !app()->runningUnitTests()) {
-                ob_end_clean();
-            }
-
-            fpassthru($stream);
-            fclose($stream);
-        }, 200, $this->getHeaders($fileName));
+        $rangeStream = new RangeSupportedStream($stream, $fileSize, $this->request);
+        $headers = array_merge($this->getHeaders($fileName, $fileSize), $rangeStream->getResponseHeaders());
+        return response()->stream(
+            fn() => $rangeStream->outputAndClose(),
+            $rangeStream->getResponseStatus(),
+            $headers,
+        );
     }
 
     /**
      * Create a file download response that provides the file with a content-type
      * correct for the file, in a way so the browser can show the content in browser,
      * for a given content stream.
      */
-    public function streamedInline($stream, string $fileName): StreamedResponse
+    public function streamedInline($stream, string $fileName, int $fileSize): StreamedResponse
     {
-        $sniffContent = fread($stream, 2000);
-        $mime = (new WebSafeMimeSniffer())->sniff($sniffContent);
+        $rangeStream = new RangeSupportedStream($stream, $fileSize, $this->request);
+        $mime = $rangeStream->sniffMime();
+        $headers = array_merge($this->getHeaders($fileName, $fileSize, $mime), $rangeStream->getResponseHeaders());
 
-        return response()->stream(function () use ($sniffContent, $stream) {
-            echo $sniffContent;
-            fpassthru($stream);
-            fclose($stream);
-        }, 200, $this->getHeaders($fileName, $mime));
+        return response()->stream(
+            fn() => $rangeStream->outputAndClose(),
+            $rangeStream->getResponseStatus(),
+            $headers,
+        );
     }
 
     /**
      * Get the common headers to provide for a download response.
      */
-    protected function getHeaders(string $fileName, string $mime = 'application/octet-stream'): array
+    protected function getHeaders(string $fileName, int $fileSize, string $mime = 'application/octet-stream'): array
     {
         $disposition = ($mime === 'application/octet-stream') ? 'attachment' : 'inline';
         $downloadName = str_replace('"', '', $fileName);
 
         return [
             'Content-Type'           => $mime,
+            'Content-Length'         => $fileSize,
             'Content-Disposition'    => "{$disposition}; filename=\"{$downloadName}\"",
             'X-Content-Type-Options' => 'nosniff',
         ];

app/Http/RangeSupportedStream.php

@@ -0,0 +1,134 @@
+<?php
+
+namespace BookStack\Http;
+
+use BookStack\Util\WebSafeMimeSniffer;
+use Illuminate\Http\Request;
+
+/**
+ * Helper wrapper for range-based stream response handling.
+ * Much of this used symfony/http-foundation as a reference during build.
+ * URL: https://github.com/symfony/http-foundation/blob/v6.0.20/BinaryFileResponse.php
+ * License: MIT license, Copyright (c) Fabien Potencier.
+ */
+class RangeSupportedStream
+{
+    protected string $sniffContent = '';
+    protected array $responseHeaders = [];
+    protected int $responseStatus = 200;
+
+    protected int $responseLength = 0;
+    protected int $responseOffset = 0;
+
+    public function __construct(
+        protected $stream,
+        protected int $fileSize,
+        Request $request,
+    ) {
+        $this->responseLength = $this->fileSize;
+        $this->parseRequest($request);
+    }
+
+    /**
+     * Sniff a mime type from the stream.
+     */
+    public function sniffMime(): string
+    {
+        $offset = min(2000, $this->fileSize);
+        $this->sniffContent = fread($this->stream, $offset);
+
+        return (new WebSafeMimeSniffer())->sniff($this->sniffContent);
+    }
+
+    /**
+     * Output the current stream to stdout before closing out the stream.
+     */
+    public function outputAndClose(): void
+    {
+        // End & flush the output buffer, if we're in one, otherwise we still use memory.
+        // Output buffer may or may not exist depending on PHP `output_buffering` setting.
+        // Ignore in testing since output buffers are used to gather a response.
+        if (!empty(ob_get_status()) && !app()->runningUnitTests()) {
+            ob_end_clean();
+        }
+
+        $outStream = fopen('php://output', 'w');
+        $sniffLength = strlen($this->sniffContent);
+        $bytesToWrite = $this->responseLength;
+
+        if ($sniffLength > 0 && $this->responseOffset < $sniffLength) {
+            $sniffEnd = min($sniffLength, $bytesToWrite + $this->responseOffset);
+            $sniffOutLength = $sniffEnd - $this->responseOffset;
+            $sniffOutput = substr($this->sniffContent, $this->responseOffset, $sniffOutLength);
+            fwrite($outStream, $sniffOutput);
+            $bytesToWrite -= $sniffOutLength;
+        } else if ($this->responseOffset !== 0) {
+            fseek($this->stream, $this->responseOffset);
+        }
+
+        stream_copy_to_stream($this->stream, $outStream, $bytesToWrite);
+
+        fclose($this->stream);
+        fclose($outStream);
+    }
+
+    public function getResponseHeaders(): array
+    {
+        return $this->responseHeaders;
+    }
+
+    public function getResponseStatus(): int
+    {
+        return $this->responseStatus;
+    }
+
+    protected function parseRequest(Request $request): void
+    {
+        $this->responseHeaders['Accept-Ranges'] = $request->isMethodSafe() ? 'bytes' : 'none';
+
+        $range = $this->getRangeFromRequest($request);
+        if ($range) {
+            [$start, $end] = $range;
+            if ($start < 0 || $start > $end) {
+                $this->responseStatus = 416;
+                $this->responseHeaders['Content-Range'] = sprintf('bytes */%s', $this->fileSize);
+            } elseif ($end - $start < $this->fileSize - 1) {
+                $this->responseLength = $end < $this->fileSize ? $end - $start + 1 : -1;
+                $this->responseOffset = $start;
+                $this->responseStatus = 206;
+                $this->responseHeaders['Content-Range'] = sprintf('bytes %s-%s/%s', $start, $end, $this->fileSize);
+                $this->responseHeaders['Content-Length'] = $end - $start + 1;
+            }
+        }
+
+        if ($request->isMethod('HEAD')) {
+            $this->responseLength = 0;
+        }
+    }
+
+    protected function getRangeFromRequest(Request $request): ?array
+    {
+        $range = $request->headers->get('Range');
+        if (!$range || !$request->isMethod('GET') || !str_starts_with($range, 'bytes=')) {
+            return null;
+        }
+
+        if ($request->headers->has('If-Range')) {
+            return null;
+        }
+
+        [$start, $end] = explode('-', substr($range, 6), 2) + [0];
+
+        $end = ('' === $end) ? $this->fileSize - 1 : (int) $end;
+
+        if ('' === $start) {
+            $start = $this->fileSize - $end;
+            $end = $this->fileSize - 1;
+        } else {
+            $start = (int) $start;
+        }
+
+        $end = min($end, $this->fileSize - 1);
+        return [$start, $end];
+    }
+}

app/Uploads/Attachment.php

@@ -77,15 +77,30 @@ public function getUrl($openInline = false): string
     }
 
     /**
-     * Generate a HTML link to this attachment.
+     * Get the representation of this attachment in a format suitable for the page editors.
+     * Detects and adapts video content to use an inline video embed.
+     */
+    public function editorContent(): array
+    {
+        $videoExtensions = ['mp4', 'webm', 'mkv', 'ogg', 'avi'];
+        if (in_array(strtolower($this->extension), $videoExtensions)) {
+            $html = '<video src="' . e($this->getUrl(true)) . '" controls width="480" height="270"></video>';
+            return ['text/html' => $html, 'text/plain' => $html];
+        }
+
+        return ['text/html' => $this->htmlLink(), 'text/plain' => $this->markdownLink()];
+    }
+
+    /**
+     * Generate the HTML link to this attachment.
      */
     public function htmlLink(): string
     {
         return '<a target="_blank" href="' . e($this->getUrl()) . '">' . e($this->name) . '</a>';
     }
 
     /**
-     * Generate a markdown link to this attachment.
+     * Generate a MarkDown link to this attachment.
      */
     public function markdownLink(): string
     {

app/Uploads/AttachmentService.php

@@ -66,15 +66,21 @@ protected function adjustPathForStorageDisk(string $path): string
     /**
      * Stream an attachment from storage.
      *
-     * @throws FileNotFoundException
-     *
      * @return resource|null
      */
     public function streamAttachmentFromStorage(Attachment $attachment)
     {
         return $this->getStorageDisk()->readStream($this->adjustPathForStorageDisk($attachment->path));
     }
 
+    /**
+     * Read the file size of an attachment from storage, in bytes.
+     */
+    public function getAttachmentFileSize(Attachment $attachment): int
+    {
+        return $this->getStorageDisk()->size($this->adjustPathForStorageDisk($attachment->path));
+    }
+
     /**
      * Store a new attachment upon user upload.
      *

app/Uploads/Controllers/AttachmentController.php

@@ -226,12 +226,13 @@ public function get(Request $request, string $attachmentId)
 
         $fileName = $attachment->getFileName();
         $attachmentStream = $this->attachmentService->streamAttachmentFromStorage($attachment);
+        $attachmentSize = $this->attachmentService->getAttachmentFileSize($attachment);
 
         if ($request->get('open') === 'true') {
-            return $this->download()->streamedInline($attachmentStream, $fileName);
+            return $this->download()->streamedInline($attachmentStream, $fileName, $attachmentSize);
         }
 
-        return $this->download()->streamedDirectly($attachmentStream, $fileName);
+        return $this->download()->streamedDirectly($attachmentStream, $fileName, $attachmentSize);
     }
 
     /**

resources/views/attachments/manager-list.blade.php

@@ -4,7 +4,7 @@
         <div component="ajax-delete-row"
              option:ajax-delete-row:url="{{ url('/attachments/' . $attachment->id) }}"
              data-id="{{ $attachment->id }}"
-             data-drag-content="{{ json_encode(['text/html' => $attachment->htmlLink(), 'text/plain' => $attachment->markdownLink()]) }}"
+             data-drag-content="{{ json_encode($attachment->editorContent()) }}"
              class="card drag-card">
             <div class="handle">@icon('grip')</div>
             <div class="py-s">