Skip to content

fix: archive download on password protected links #1523

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
JammingBen merged 1 commit into from
Nov 10, 2025
Merged

fix: archive download on password protected links #1523

JammingBen merged 1 commit into from
Nov 10, 2025

Conversation

@JammingBen
Copy link
Contributor

@JammingBen JammingBen commented Nov 5, 2025

Undo the change from c7072a7 for password protected links for now, until we ditch client-side signing.

refs opencloud-eu/opencloud#1712

@JammingBen JammingBen self-assigned this Nov 5, 2025
Copilot AI review requested due to automatic review settings November 5, 2025 09:36
Copilot AI reviewed Nov 5, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR adds support for password-protected public links when downloading archives. The implementation allows archives to be downloaded from public links that require authentication by adding a publicLinkPassword parameter and handling the authentication via Basic Auth.

Key changes:

  • Added publicLinkPassword parameter to archive download options
  • Implemented client-side fetch with Basic Auth for password-protected archives
  • Integrated password retrieval from auth store in the download archive action

Reviewed Changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 4 comments.

File Description
packages/web-pkg/src/services/archiver.ts Added publicLinkPassword parameter and conditional fetch logic with Basic Auth for password-protected archives
packages/web-pkg/src/composables/actions/files/useFileActionsDownloadArchive.ts Integrated authStore to pass publicLinkPassword to archiver service for public space resources

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

packages/web-pkg/src/services/archiver.ts

const blob = await response.blob()
url = URL.createObjectURL(blob)
fileName = decodeURI(response.headers.get('content-disposition')?.split('"')[1])
Copy link

Copilot AI Nov 5, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This line will throw a TypeError if content-disposition header is missing or doesn't contain quotes. The optional chaining stops at get(), but split('"')[1] will fail if the header is null/undefined or doesn't have the expected format. Consider adding proper null checks: const contentDisposition = response.headers.get('content-disposition'); fileName = contentDisposition?.split('\"')[1] ? decodeURI(contentDisposition.split('\"')[1]) : 'archive';

Suggested change
fileName = decodeURI(response.headers.get('content-disposition')?.split('"')[1])
{
const contentDisposition = response.headers.get('content-disposition');
// Try to extract filename from header (handles quoted and unquoted)
const match = contentDisposition && contentDisposition.match(/filename\*?=(?:UTF-8'')?("?)([^";]+)\1/);
fileName = match ? decodeURI(match[2]) : 'archive';
}

Copilot uses AI. Check for mistakes.
@JammingBen JammingBen force-pushed the fix/public-password-archiver-2 branch 3 times, most recently from 61253ff to 532562d Compare November 5, 2025 09:43
@JammingBen JammingBen force-pushed the fix/public-password-archiver-2 branch from 532562d to 3cf16ce Compare November 5, 2025 09:55
@JammingBen JammingBen requested a review from kulmann November 5, 2025 10:06
@ScharfViktor ScharfViktor mentioned this pull request Nov 5, 2025
Merged
kulmann
kulmann approved these changes Nov 10, 2025
View reviewed changes
Copy link
Contributor

@kulmann kulmann left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm 🥲 that we need it, but thank you for the fix either way!

@JammingBen JammingBen merged commit be6286e into main Nov 10, 2025
28 checks passed
@JammingBen JammingBen deleted the fix/public-password-archiver-2 branch November 10, 2025 13:38
openclouders pushed a commit that referenced this pull request Nov 10, 2025
@JammingBen
Merge pull request #1523 from opencloud-eu/fix/public-password-archiv…
df84748 
…er-2

fix: archive download on password protected links
@openclouders openclouders mentioned this pull request Nov 10, 2025
Merged
1 task
@JammingBen
Copy link
Contributor Author

JammingBen commented Nov 10, 2025

💚 All backports created successfully

Status Branch Result
stable-4.2

Questions ?

Please refer to the Backport tool documentation

This was referenced Nov 10, 2025
Merged
Closed
@openclouders openclouders mentioned this pull request Dec 15, 2025
Merged
1 task
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@kulmann kulmann kulmann approved these changes

@AlexAndBear AlexAndBear Awaiting requested review from AlexAndBear

Assignees

@JammingBen JammingBen

Labels

Type:Bug

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@JammingBen @kulmann