diff options
Diffstat (limited to 'app/controllers/projects/avatars_controller.rb')
-rw-r--r-- | app/controllers/projects/avatars_controller.rb | 17 |
1 files changed, 10 insertions, 7 deletions
diff --git a/app/controllers/projects/avatars_controller.rb b/app/controllers/projects/avatars_controller.rb index 548f1b9ebfe..a6bebc46b06 100644 --- a/app/controllers/projects/avatars_controller.rb +++ b/app/controllers/projects/avatars_controller.rb @@ -1,16 +1,19 @@ class Projects::AvatarsController < Projects::ApplicationController + include BlobHelper + before_action :project def show - @blob = @project.repository.blob_at_branch('master', @project.avatar_in_git) + @blob = @repository.blob_at_branch('master', @project.avatar_in_git) if @blob headers['X-Content-Type-Options'] = 'nosniff' - send_data( - @blob.data, - type: @blob.mime_type, - disposition: 'inline', - filename: @blob.name - ) + + return if cached_blob? + + headers.store(*Gitlab::Workhorse.send_git_blob(@repository, @blob)) + headers['Content-Disposition'] = 'inline' + headers['Content-Type'] = safe_content_type(@blob) + head :ok # 'render nothing: true' messes up the Content-Type else render_404 end |