public function file($path, array $options = [])
{
$options += ['name' => null, 'download' => null];
if (strpos($path, '../') !== false || strpos($path, '..\\') !== false) {
throw new NotFoundException('The requested file contains `..` and will not be read.');
}
if (!is_file($path)) {
$path = APP . $path;
}
$file = new File($path);
if (!$file->exists() || !$file->readable()) {
if (Configure::read('debug')) {
throw new NotFoundException(sprintf('The requested file %s was not found or not readable', $path));
}
throw new NotFoundException(__d('cake', 'The requested file was not found'));
}
$extension = strtolower($file->ext());
$download = $options['download'];
if ((!$extension || $this->type($extension) === false) && $download === null) {
$download = true;
}
$fileSize = $file->size();
if ($download) {
$agent = env('HTTP_USER_AGENT');
if (preg_match('%Opera(/| )([0-9].[0-9]{1,2})%', $agent)) {
$contentType = 'application/octet-stream';
} elseif (preg_match('/MSIE ([0-9].[0-9]{1,2})/', $agent)) {
$contentType = 'application/force-download';
}
if (!empty($contentType)) {
$this->type($contentType);
}
if ($options['name'] === null) {
$name = $file->name;
} else {
$name = $options['name'];
}
$this->download($name);
$this->header('Content-Transfer-Encoding', 'binary');
}
$this->header('Accept-Ranges', 'bytes');
$httpRange = env('HTTP_RANGE');
if (isset($httpRange)) {
$this->_fileRange($file, $httpRange);
} else {
$this->header('Content-Length', $fileSize);
}
$this->_file = $file;
}