init file download via POST

apps/files/appinfo/routes.php

@@ -101,6 +101,16 @@
 				'url' => '/ajax/getstoragestats.php',
 				'verb' => 'GET',
 			],
+			[
+				'name' => 'ajax#registerDownload',
+				'url' => '/registerDownload',
+				'verb' => 'POST',
+			],
+			[
+				'name' => 'ajax#download',
+				'url' => '/ajax/download.php',
+				'verb' => 'GET',
+			],
 			[
 				'name' => 'API#toggleShowFolder',
 				'url' => '/api/v1/toggleShowFolder/{key}',
@@ -174,7 +184,5 @@
 
 /** @var $this \OC\Route\Router */
 
-$this->create('files_ajax_download', 'apps/files/ajax/download.php')
-	->actionInclude('files/ajax/download.php');
 $this->create('files_ajax_list', 'apps/files/ajax/list.php')
 	->actionInclude('files/ajax/list.php');

apps/files/js/fileactions.js

@@ -621,7 +621,7 @@
 						};
 
 						context.fileList.showFileBusyState(filename, true);
-						OCA.Files.Files.handleDownload(url, disableLoadingState);
+						OCA.Files.Files.handleDownload(filename, dir, disableLoadingState);
 					}
 				}
 			});

apps/files/js/filelist.js

@@ -1036,11 +1036,11 @@
 			};
 
 			if(this.getSelectedFiles().length > 1) {
-				OCA.Files.Files.handleDownload(this.getDownloadUrl(files, dir, true), disableLoadingState);
+				OCA.Files.Files.handleDownload(files, dir, disableLoadingState);
 			}
 			else {
 				var first = this.getSelectedFiles()[0];
-				OCA.Files.Files.handleDownload(this.getDownloadUrl(first.name, dir, true), disableLoadingState);
+				OCA.Files.Files.handleDownload(first.name, dir, disableLoadingState);
 			}
 			event.preventDefault();
 		},
@@ -1340,8 +1340,7 @@
 
 					}
 					else {
-						var url = this.getDownloadUrl(filename, dir, true);
-						OCA.Files.Files.handleDownload(url);
+						OCA.Files.Files.handleDownload(filename, dir, undefined);
 					}
 				}
 				this.triedActionOnce = true;

apps/files/js/files.js

@@ -363,26 +363,24 @@
 		 * - browser now adds this cookie for the domain
 		 * - JS periodically checks for this cookie and then knows when the download has started to call the callback
 		 *
-		 * @param {string} url download URL
+		 * @param {string} files
+		 * @param {string} dir
 		 * @param {Function} callback function to call once the download has started
 		 */
-		handleDownload: function(url, callback) {
+		handleDownload: function(files, dir, callback) {
 			var randomToken = Math.random().toString(36).substring(2),
 				checkForDownloadCookie = function() {
 					if (!OC.Util.isCookieSetToValue('ocDownloadStarted', randomToken)){
 						return false;
 					} else {
-						callback();
+						if (callback !== undefined) {
+							callback();
+						}
 						return true;
 					}
 				};
 
-			if (url.indexOf('?') >= 0) {
-				url += '&';
-			} else {
-				url += '?';
-			}
-			OC.redirect(url + 'downloadStartSecret=' + randomToken);
+			OCA.Files.download(files, dir, randomToken);
 			OC.Util.waitFor(checkForDownloadCookie, 500);
 		}
 	};

apps/files/lib/AppInfo/Application.php

@@ -68,6 +68,7 @@
 
 class Application extends App implements IBootstrap {
 	public const APP_ID = 'files';
+	public const DL_TOKEN_PREFIX = 'dlToken_';
 
 	public function __construct(array $urlParams = []) {
 		parent::__construct(self::APP_ID, $urlParams);

apps/files/lib/Controller/AjaxController.php

@@ -26,15 +26,37 @@
 
 namespace OCA\Files\Controller;
 
+use OC_Files;
 use OCA\Files\Helper;
 use OCP\AppFramework\Controller;
 use OCP\AppFramework\Http\JSONResponse;
 use OCP\Files\NotFoundException;
+use OCP\Files\Utils\IDownloadManager;
+use OCP\IConfig;
 use OCP\IRequest;
+use OCP\ISession;
 
 class AjaxController extends Controller {
-	public function __construct(string $appName, IRequest $request) {
+	/** @var ISession */
+	private $session;
+	/** @var IConfig */
+	private $config;
+
+	/** @var IDownloadManager */
+	private $downloadManager;
+
+	public function __construct(
+		string $appName,
+		IRequest $request,
+		ISession $session,
+		IConfig $config,
+		IDownloadManager $downloadManager
+	) {
 		parent::__construct($appName, $request);
+		$this->session = $session;
+		$this->request = $request;
+		$this->config = $config;
+		$this->downloadManager = $downloadManager;
 	}
 
 	/**
@@ -56,4 +78,46 @@ public function getStorageStats(string $dir = '/'): JSONResponse {
 			]);
 		}
 	}
+
+	/**
+	 * @NoAdminRequired
+	 */
+	public function registerDownload($files, string $dir = '', string $downloadStartSecret = '') {
+		if (is_string($files)) {
+			$files = [$files];
+		} elseif (!is_array($files)) {
+			throw new \InvalidArgumentException('Invalid argument for files');
+		}
+
+		$token = $this->downloadManager->register([
+			'files' => $files,
+			'dir' => $dir,
+			'downloadStartSecret' => $downloadStartSecret,
+		]);
+
+		return new JSONResponse(['token' => $token]);
+	}
+
+	/**
+	 * @NoAdminRequired
+	 * @NoCSRFRequired
+	 */
+	public function download(string $token) {
+
+		$data = $this->downloadManager->retrieve($token);
+		$this->session->close();
+
+		if (strlen($data['downloadStartSecret']) <= 32
+			&& (preg_match('!^[a-zA-Z0-9]+$!', $data['downloadStartSecret']) === 1)
+		) {
+			setcookie('ocDownloadStarted', $data['downloadStartSecret'], time() + 20, '/');
+		}
+
+		$serverParams = [ 'head' => $this->request->getMethod() === 'HEAD' ];
+		if (isset($_SERVER['HTTP_RANGE'])) {
+			$serverParams['range'] = $this->request->getHeader('Range');
+		}
+
+		OC_Files::get($data['dir'], $data['files'], $serverParams);
+	}
 }

apps/files/lib/Controller/ViewController.php

@@ -191,6 +191,7 @@ public function index($dir = '', $view = '', $fileid = null, $fileNotFound = fal
 		\OCP\Util::addStyle('files', 'merged');
 		\OCP\Util::addScript('files', 'merged-index');
 		\OCP\Util::addScript('files', 'dist/templates');
+		\OCP\Util::addScript('files', 'dist/download');
 
 		// mostly for the home storage's free space
 		// FIXME: Make non static

apps/files/src/download.js

@@ -0,0 +1,28 @@
+/**
+ * @copyright Copyright (c) 2021 Arthur Schiwon <[email protected]>
+ *
+ * @author Arthur Schiwon <[email protected]>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+import download from './services/Download'
+
+if (!window.OCA.Files) {
+	window.OCA.Files = {}
+}
+Object.assign(window.OCA.Files, { download })

apps/files/src/services/Download.js

@@ -0,0 +1,39 @@
+/**
+ * @copyright Copyright (c) 2021 Arthur Schiwon <[email protected]>
+ *
+ * @author Arthur Schiwon <[email protected]>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+import { generateUrl } from '@nextcloud/router'
+import axios from '@nextcloud/axios'
+
+export default async function(files, dir, downloadStartSecret) {
+	const res = await axios.post(generateUrl('apps/files/registerDownload'), {
+		files,
+		dir,
+		downloadStartSecret,
+	})
+
+	if (res.status === 200 && res.data.token) {
+		const dlUrl = generateUrl('apps/files/ajax/download.php?token={token}', {
+			token: res.data.token,
+		})
+		OC.redirect(dlUrl)
+	}
+}

apps/files/webpack.js

@@ -26,6 +26,7 @@ const path = require('path')
 
 module.exports = {
 	entry: {
+		download: path.join(__dirname, 'src', 'download.js'),
 		sidebar: path.join(__dirname, 'src', 'sidebar.js'),
 		templates: path.join(__dirname, 'src', 'templates.js'),
 		'files-app-settings': path.join(__dirname, 'src', 'files-app-settings.js'),

apps/files_sharing/js/public.js

@@ -295,6 +295,20 @@ OCA.Sharing.PublicApp = {
 			$('#download').click(function (e) {
 				e.preventDefault();
 				OC.redirect(FileList.getDownloadUrl());
+
+				var path = dir || this.getCurrentDirectory();
+				if (_.isArray(filename)) {
+					filename = JSON.stringify(filename);
+				}
+				var params = {
+					path: path
+				};
+				if (filename) {
+					params.files = filename;
+				}
+
+
+				OCA.Files.Download.get()
 			});
 
 			if (hideDownload === 'true') {