Redirect to a presigned URL of HEAD for HEAD requests (#35088)

Resolves https://github.com/go-gitea/gitea/issues/35086. --------- Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2025-07-31 06:38:37 +00:00 · 2025-07-16 21:22:45 +10:00
parent 0d00ec7eed
commit e1e4815a1c
42 changed files with 85 additions and 72 deletions
--- a/services/lfs/server.go
+++ b/services/lfs/server.go
@@ -43,6 +43,7 @@ type requestContext struct {
 	User          string
 	Repo          string
 	Authorization string
+	Method        string
 }

 // Claims is a JWT Token Claims
@@ -397,6 +398,7 @@ func getRequestContext(ctx *context.Context) *requestContext {
 		User:          ctx.PathParam("username"),
 		Repo:          strings.TrimSuffix(ctx.PathParam("reponame"), ".git"),
 		Authorization: ctx.Req.Header.Get("Authorization"),
+		Method:        ctx.Req.Method,
 	}
 }

@@ -465,7 +467,7 @@ func buildObjectResponse(rc *requestContext, pointer lfs_module.Pointer, downloa
 			var link *lfs_module.Link
 			if setting.LFS.Storage.ServeDirect() {
 				// If we have a signed url (S3, object storage), redirect to this directly.
-				u, err := storage.LFS.URL(pointer.RelativePath(), pointer.Oid, nil)
+				u, err := storage.LFS.URL(pointer.RelativePath(), pointer.Oid, rc.Method, nil)
 				if u != nil && err == nil {
 					// Presigned url does not need the Authorization header
 					// https://github.com/go-gitea/gitea/issues/21525