diff --git a/BinaryFileResponse.php b/BinaryFileResponse.php
index 2c4d831bb..a7358183b 100644
--- a/BinaryFileResponse.php
+++ b/BinaryFileResponse.php
@@ -237,7 +237,7 @@ public function prepare(Request $request): static
$path = $location.substr($path, \strlen($pathPrefix));
// Only set X-Accel-Redirect header if a valid URI can be produced
// as nginx does not serve arbitrary file paths.
- $this->headers->set($type, $path);
+ $this->headers->set($type, rawurlencode($path));
$this->maxlen = 0;
break;
}
diff --git a/Tests/BinaryFileResponseTest.php b/Tests/BinaryFileResponseTest.php
index 1263fa392..7627cd5ec 100644
--- a/Tests/BinaryFileResponseTest.php
+++ b/Tests/BinaryFileResponseTest.php
@@ -314,7 +314,15 @@ public function testXAccelMapping($realpath, $mapping, $virtual)
$property->setValue($response, $file);
$response->prepare($request);
- $this->assertEquals($virtual, $response->headers->get('X-Accel-Redirect'));
+ $header = $response->headers->get('X-Accel-Redirect');
+
+ if ($virtual) {
+ // Making sure the path doesn't contain characters unsupported by nginx
+ $this->assertMatchesRegularExpression('/^([^?%]|%[0-9A-F]{2})*$/', $header);
+ $header = rawurldecode($header);
+ }
+
+ $this->assertEquals($virtual, $header);
}
public function testDeleteFileAfterSend()
@@ -361,6 +369,7 @@ public static function getSampleXAccelMappings()
['/home/Foo/bar.txt', '/var/www/=/files/,/home/Foo/=/baz/', '/baz/bar.txt'],
['/home/Foo/bar.txt', '"/var/www/"="/files/", "/home/Foo/"="/baz/"', '/baz/bar.txt'],
['/tmp/bar.txt', '"/var/www/"="/files/", "/home/Foo/"="/baz/"', null],
+ ['/var/www/var/www/files/foo%.txt', '/var/www/=/files/', '/files/var/www/files/foo%.txt'],
];
}
diff --git a/Tests/RequestTest.php b/Tests/RequestTest.php
index d5a41390e..9031fc34f 100644
--- a/Tests/RequestTest.php
+++ b/Tests/RequestTest.php
@@ -589,7 +589,6 @@ public function testGetUri()
$server['REDIRECT_QUERY_STRING'] = 'query=string';
$server['REDIRECT_URL'] = '/path/info';
- $server['SCRIPT_NAME'] = '/index.php';
$server['QUERY_STRING'] = 'query=string';
$server['REQUEST_URI'] = '/path/info?toto=test&1=1';
$server['SCRIPT_NAME'] = '/index.php';
@@ -716,7 +715,6 @@ public function testGetUriForPath()
$server['REDIRECT_QUERY_STRING'] = 'query=string';
$server['REDIRECT_URL'] = '/path/info';
- $server['SCRIPT_NAME'] = '/index.php';
$server['QUERY_STRING'] = 'query=string';
$server['REQUEST_URI'] = '/path/info?toto=test&1=1';
$server['SCRIPT_NAME'] = '/index.php';
pFad - Phonifier reborn
Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.
Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.
Alternative Proxies:
Alternative Proxy
pFad Proxy
pFad v3 Proxy
pFad v4 Proxy