Bug 741526 - Mozilla central mozapps implementation ignores Content-Type. r=fabrice

This commit is contained in:
Marco Castelluccio 2012-11-29 17:52:02 -05:00
parent d75934f2d9
commit 4e7d756418
6 changed files with 26 additions and 1 deletions

View File

@ -184,6 +184,15 @@ this.AppsUtils = {
return true;
},
checkManifestContentType: function
checkManifestContentType(installOrigin, webappOrigin, contentType) {
if (installOrigin != webappOrigin &&
contentType != "application/x-web-app-manifest+json") {
return false;
}
return true;
},
/**
* Determines whether the manifest allows installs for the given origin.
* @param object aManifest

View File

@ -105,6 +105,12 @@ WebappsRegistry.prototype = {
xhr.addEventListener("load", (function() {
if (xhr.status == 200) {
if (!AppsUtils.checkManifestContentType(installOrigin, this._getOrigin(aURL),
xhr.getResponseHeader("content-type"))) {
Services.DOMRequest.fireError(request, "INVALID_MANIFEST");
return;
}
let manifest;
try {
manifest = JSON.parse(xhr.responseText, installOrigin);
@ -214,6 +220,12 @@ WebappsRegistry.prototype = {
xhr.addEventListener("load", (function() {
if (xhr.status == 200) {
if (!AppsUtils.checkManifestContentType(installOrigin, this._getOrigin(aURL),
xhr.getResponseHeader("content-type"))) {
Services.DOMRequest.fireError(request, "INVALID_MANIFEST");
return;
}
let manifest;
try {
manifest = JSON.parse(xhr.responseText, installOrigin);

View File

@ -23,7 +23,9 @@ MOCHITEST_CHROME_FILES = \
utf8.webapp \
utf8.webapp^headers^ \
installs_allowed_from_chrome_mochitests.webapp \
installs_allowed_from_chrome_mochitests.webapp^headers^ \
installs_allowed_from_example.com.webapp \
installs_allowed_from_example.com.webapp^headers^ \
invalid_launch_path.webapp \
invalid_launch_path.webapp^headers^ \
invalid_launch_path2.webapp \

View File

@ -0,0 +1 @@
Content-Type: application/x-web-app-manifest+json

View File

@ -0,0 +1 @@
Content-Type: application/x-web-app-manifest+json

View File

@ -97,7 +97,7 @@ function invalidContent(next) {
};
request.onsuccess = function onInstall() {
todo(false, "manifest with bad content type fails");
ok(false, "manifest with bad content type should fail");
this.result.uninstall().onsuccess = function onUninstall() {
next();
};