prosody-modules: comparison mod_http_upload

equal deleted inserted replaced

-:ac99a04231b1
+:9480ca61294d
 $store_file_name = $CONFIG_STORE_DIR . '/store-' . hash('sha256', $upload_file_name);
 $request_method = $_SERVER['REQUEST_METHOD'];
 if(array_key_exists('v', $_GET) === TRUE && $request_method === 'PUT') {
-	$upload_file_size = $_SERVER['HTTP_CONTENT_LENGTH'];
+	$upload_file_size = $_SERVER['CONTENT_LENGTH'];
 	$upload_token = $_GET['v'];
 	$calculated_token = hash_hmac('sha256', "$upload_file_name $upload_file_size", $CONFIG_SECRET);
 	if($upload_token !== $calculated_token) {
 		header('HTTP/1.0 403 Forbidden');
 	// Send file (using X-Sendfile would be nice here...)
 	if(file_exists($store_file_name)) {
 		header('Content-Disposition: attachment');
 		header('Content-Type: application/octet-stream');
 		header('Content-Length: '.filesize($store_file_name));
-		header('Content-Security-Policy: "default-src \'none\'"');
+header("Content-Security-Policy: \"default-src 'none'\"");
-		header('X-Content-Security-Policy: "default-src \'none\'"');
+header("X-Content-Security-Policy: \"default-src 'none'\"");
-		header('X-WebKit-CSP: "default-src 'none'"');
+header("X-WebKit-CSP: \"default-src 'none'\"");
 		if($request_method !== 'HEAD') {
 			readfile($store_file_name);
 		}
 	} else {
 		header('HTTP/1.0 404 Not Found');