Use an empty body when sending a file with X-Sendfile
🌳 Context
From !45340 (merged), Rack v2.1.4 introduced some constraints. Among them:
The Body must respond to
each
and must only yield String values
When using file uploads with object storage disabled, requests to the uploaded file can be answered using the X-Sendfile
header. When that's the case, the body
is set to nil which will trigger this
Having the object storage disabled is an option that self-managed instances can choose to have.
gitlab.com has the object storage enabled and will not encounter this issue.
🔬 What does this MR do?
- Send a
''
as a body instead ofnil
when processing theX-Sendfile
header - Add the relevant spec example as it was missing
🎥 Screenshots (strongly suggested)
n / a
🍴 Does this MR meet the acceptance criteria?
Conformity
-
Changelog entry - [-] Documentation (if required)
-
Code review guidelines -
Merge request performance guidelines -
Style guides - [-] Database guides
- [-] Separation of EE specific content
Availability and Testing
- [-] Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process.
- [-] Tested in all supported browsers
- [-] Informed Infrastructure department of a default or new setting change, if applicable per definition of done
Security
If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:
- [-] Label as security and @ mention
@gitlab-com/gl-security/appsec
- [-] The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
- [-] Security reports checked/validated by a reviewer from the AppSec team
Edited by David Fernandez