diff --git a/packages/nocodb/src/controllers/attachments-secure.controller.ts b/packages/nocodb/src/controllers/attachments-secure.controller.ts index e19b300077..5d7145307e 100644 --- a/packages/nocodb/src/controllers/attachments-secure.controller.ts +++ b/packages/nocodb/src/controllers/attachments-secure.controller.ts @@ -75,7 +75,11 @@ export class AttachmentsSecureController { path: path.join('nc', 'uploads', fpath), }); - res.sendFile(file.path); + if (this.attachmentsService.previewAvailable(file.type)) { + res.sendFile(file.path); + } else { + res.download(file.path); + } } catch (e) { res.status(404).send('Not found'); } diff --git a/packages/nocodb/src/controllers/attachments.controller.ts b/packages/nocodb/src/controllers/attachments.controller.ts index 00a471e1e5..353e840eb7 100644 --- a/packages/nocodb/src/controllers/attachments.controller.ts +++ b/packages/nocodb/src/controllers/attachments.controller.ts @@ -68,7 +68,11 @@ export class AttachmentsController { path: path.join('nc', 'uploads', filename), }); - res.sendFile(file.path); + if (this.attachmentsService.previewAvailable(file.type)) { + res.sendFile(file.path); + } else { + res.download(file.path); + } } catch (e) { res.status(404).send('Not found'); } @@ -94,7 +98,11 @@ export class AttachmentsController { ), }); - res.sendFile(file.path); + if (this.attachmentsService.previewAvailable(file.type)) { + res.sendFile(file.path); + } else { + res.download(file.path); + } } catch (e) { res.status(404).send('Not found'); } @@ -109,7 +117,11 @@ export class AttachmentsController { path: path.join('nc', 'uploads', fpath), }); - res.sendFile(file.path); + if (this.attachmentsService.previewAvailable(file.type)) { + res.sendFile(file.path); + } else { + res.download(file.path); + } } catch (e) { res.status(404).send('Not found'); } diff --git a/packages/nocodb/src/services/attachments.service.ts b/packages/nocodb/src/services/attachments.service.ts index ead5f4c4bb..ff6ba485ea 100644 --- a/packages/nocodb/src/services/attachments.service.ts +++ b/packages/nocodb/src/services/attachments.service.ts @@ -161,6 +161,14 @@ export class AttachmentsService { return { path: filePath, type }; } + previewAvailable(mimetype: string) { + const available = ['image', 'pdf', 'text/plain']; + if (available.some((type) => mimetype.includes(type))) { + return true; + } + return false; + } + sanitizeUrlPath(paths) { return paths.map((url) => url.replace(/[/.?#]+/g, '_')); }