Uploaded image for project: 'Infrastructure'
  1. Infrastructure
  2. INFRA-13629

release .sha checksum file download from dist.apache.org is incorrect when using Firefox

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Trivial
    • Resolution: Fixed
    • Fix Version/s: Mar 2017
    • Component/s: Dists, Subversion
    • Labels:
      None

      Description

      We have historically shipped a .sha1 signature file with our releases, but swapped for a couple of in-progress releases to use .sha file with a SHA512 checksum, as noted in http://www.apache.org/dev/release-distribution.html#sigs-and-sums. In testing these releases, it was noticed the .sha file failed to download correctly.

      The issue was noticed when the file was grabbed using Firefox, however the file downloads successfully when using wget or checking out the svn dir of the dist repo. Looking at the wget output, it is visible that previously the .sha1 mime type was reported as application/x-sha1, but with the new .sha file it is now being reported as application/x-gzip.

      Forcing a mime type of text/plain in svn with a svn:mime-type propset allows the browser to view/download the file successfully, but it doesnt feel like this should be needed given svn itself treats files as text by default and other checksum extensions are handled without issue.

      https://dist.apache.org/repos/dist/dev/qpid/proton-j/0.18.0-rc1/apache-qpid-proton-j-0.18.0-src.tar.gz.sha is an example of a file with the issue. Mime type currently not set in svn.

        Attachments

          Activity

            People

            • Assignee:
              cml Chris Lambertus
              Reporter:
              gemmellr Robbie Gemmell
            • Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: