petstore/petstore-backend
5
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: 直接header设置Content-Type,彻底避免charset注入

Browse Source
This commit is contained in:
MaDaLei 2026-04-17 20:24:48 +08:00
parent 66c21ae449
commit d7d585ed42
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/main/java/com/petstore/controller/FileController.java
View File

@ -78,8 +78,9 @@ public class FileController {
// 去掉可能的 charset 参数避免 video Content-Type 被设为 "video/mp4;charset=UTF-8"
int semi = contentType.indexOf(';');
if (semi >= 0) contentType = contentType.substring(0, semi).trim();
// 直接用 header 设置 Content-Type绕过 Spring Accept-Charset 逻辑
return ResponseEntity.ok()
.contentType(MediaType.parseMediaType(contentType))
.header("Content-Type", contentType)
.body(new FileSystemResource(file));
}
@ -97,8 +98,9 @@ public class FileController {
// 去掉可能的 charset 参数避免 video Content-Type 被设为 "video/mp4;charset=UTF-8"
int semi = contentType.indexOf(';');
if (semi >= 0) contentType = contentType.substring(0, semi).trim();
// 直接用 header 设置 Content-Type绕过 Spring Accept-Charset 逻辑
return ResponseEntity.ok()
.contentType(MediaType.parseMediaType(contentType))
.header("Content-Type", contentType)
.body(new FileSystemResource(file));
}