From 66a300768a62bbc901bb1ccb150dfda03388623f Mon Sep 17 00:00:00 2001
From: vrana <jakubv@fb.com>
Date: Fri, 24 Aug 2012 12:25:51 -0700
Subject: [PATCH] Redirect instead of 400 from file on wrong domain

Summary: We recently opted for 'security.alternate-file-domain' and we have some hotlinks to the original domain.

Test Plan: Enabled 'security.alternate-file-domain', observed redirect.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D3380
---
 .../files/controller/PhabricatorFileDataController.php      | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/src/applications/files/controller/PhabricatorFileDataController.php b/src/applications/files/controller/PhabricatorFileDataController.php
index f55b8cb318..636b1a401b 100644
--- a/src/applications/files/controller/PhabricatorFileDataController.php
+++ b/src/applications/files/controller/PhabricatorFileDataController.php
@@ -34,9 +34,11 @@ final class PhabricatorFileDataController extends PhabricatorFileController {
     $request = $this->getRequest();
 
     $alt = PhabricatorEnv::getEnvConfig('security.alternate-file-domain');
-    $alt_domain = id(new PhutilURI($alt))->getDomain();
+    $uri = new PhutilURI($alt);
+    $alt_domain = $uri->getDomain();
     if ($alt_domain && ($alt_domain != $request->getHost())) {
-      return new Aphront400Response();
+      return id(new AphrontRedirectResponse())
+        ->setURI($uri->setPath($request->getPath()));
     }
 
     $file = id(new PhabricatorFile())->loadOneWhere(