Support range requests and partial content responses

[justinfenn]

It looks like we can't currently play uploaded videos on Apple devices (for iOS at least--I haven't been able to test with desktop Safari). I think this is because the server doesn't support range requests which are required for media playback on iOS.

Issue #233 mentions playing video in browsers, and the changes there seem to work for desktop and Android. It would be nice if support for more devices could be integrated to improve video sharing.

[camathieu]

Most likely due to that :

resp.Header().Set("X-Content-Type-Options", "nosniff") resp.Header().Set("X-XSS-Protection", "1; mode=block") resp.Header().Set("X-Frame-Options", "DENY") resp.Header().Set("Content-Security-Policy", "default-src 'none'; script-src 'none'; style-src 'none'; img-src 'none'; connect-src 'none'; font-src 'none'; object-src 'none'; media-src 'self'; child-src 'none'; form-action 'none'; frame-ancestors 'none'; plugin-types; sandbox")

We might decide to change the defaults in 1.3

[justinfenn]

Hmm, interesting. I added some very hacky support for range requests and noticed that it still didn't work with iOS, so I also experimented with removing Content-Security-Policy and it did start working. I didn't try modifying those security options on their own. I will look into that.

Out of interest, would you consider a PR that adds range request support to some but not all of the backends? I've got an implementation that works for the file and OpenSwift backends, but the others look significantly more difficult. It may not even be possible for streaming.

Thanks for responding!

[camathieu]

Sure that would be great.

We have a pretty big refacto incoming for 1.3 mostly to bring tests so it's the right time to bring new features. We'll try to merge it into a 1.3-RC1 branch in the coming days.

https://github.com/camathieu/plik/tree/1.3-RC1