Patch before ./configure, as otherwise mimedefang.pl will not have the proper code below. --- mimedefang.pl.in.orig Fri Apr 25 06:16:11 2003 +++ mimedefang.pl.in Thu Jun 5 19:14:37 2003 @@ -4763,14 +4763,15 @@ # base_url -- base URL for retrieving document # msg -- message to replace document with. The string "_URL_" is # replaced with the actual URL of the part. +# cd_data -- optional Content-Disposition filename data to save # %RETURNS: # 1 on success, 0 on failure # %DESCRIPTION: # Places the part in doc_root/{sha1_of_part}.ext and replaces it with # a text/plain part giving the URL for pickup. #*********************************************************************** -sub action_replace_with_url ($$$$) { - my($entity, $doc_root, $base_url, $msg) = @_; +sub action_replace_with_url ($$$$;$) { + my($entity, $doc_root, $base_url, $msg, $cd_data) = @_; my($ctx); my($path); my($fname, $ext, $name, $url); @@ -4808,6 +4809,16 @@ # In case umask is whacked... chmod 0644, $fname; } + + # save optional Content-Disposition data + if ($cd_data) { + if (open CDF, ">$doc_root/.$name") { + print CDF $cd_data; + close CDF; + chmod 0644, "$doc_root/.$name"; + } + } + $msg =~ s/_URL_/$url/g; action_replace_with_warning($msg); return 1; --- mimedefang-filter.5.in.orig Mon Apr 21 09:17:24 2003 +++ mimedefang-filter.5.in Thu Jun 5 19:20:13 2003 @@ -861,6 +861,12 @@ them. If indexing is disabled, an attacker would have to guess the SHA1 hash of a part in order to read it. +Optionally, a fifth argument can supply data to be saved into a hidden +dot filename based on the generated name. This data can then be read in +on the fly by a CGI script or mod_perl module before serving the file to +a web client, and used to add information to the response, such as +Content-Disposition data. + .TP .B action_defang($entity, $name, $fname, $type) Accept the part, but change its name to \fI$name\fR, its suggested filename