diff options
Diffstat (limited to 'uriloader/exthandler')
7 files changed, 43 insertions, 59 deletions
diff --git a/uriloader/exthandler/nsExternalHelperAppService.cpp b/uriloader/exthandler/nsExternalHelperAppService.cpp index 84dc262561..3577ff2bbf 100644 --- a/uriloader/exthandler/nsExternalHelperAppService.cpp +++ b/uriloader/exthandler/nsExternalHelperAppService.cpp @@ -3491,8 +3491,8 @@ void nsExternalHelperAppService::SanitizeFileName(nsAString& aFileName, nsAutoString fileName(aFileName); // Replace known invalid characters. - fileName.ReplaceChar(u"" KNOWN_PATH_SEPARATORS, u'_'); - fileName.ReplaceChar(u"" FILE_ILLEGAL_CHARACTERS, u' '); + fileName.ReplaceChar(u"" KNOWN_PATH_SEPARATORS FILE_ILLEGAL_CHARACTERS "%", + u'_'); fileName.StripChar(char16_t(0)); const char16_t *startStr, *endStr; @@ -3674,6 +3674,14 @@ void nsExternalHelperAppService::SanitizeFileName(nsAString& aFileName, outFileName.Truncate(lastNonTrimmable); } + nsAutoString extension; + int32_t dotidx = outFileName.RFind(u"."); + if (dotidx != -1) { + extension = Substring(outFileName, dotidx + 1); + extension.StripWhitespace(); + outFileName = Substring(outFileName, 0, dotidx + 1) + extension; + } + #ifdef XP_WIN if (nsLocalFile::CheckForReservedFileName(outFileName)) { outFileName.Truncate(); diff --git a/uriloader/exthandler/nsExternalProtocolHandler.cpp b/uriloader/exthandler/nsExternalProtocolHandler.cpp index 4e93977b8f..f969cb2d66 100644 --- a/uriloader/exthandler/nsExternalProtocolHandler.cpp +++ b/uriloader/exthandler/nsExternalProtocolHandler.cpp @@ -7,6 +7,7 @@ #include "mozilla/dom/ContentChild.h" #include "mozilla/BasePrincipal.h" +#include "mozilla/ScopeExit.h" #include "nsIURI.h" #include "nsExternalProtocolHandler.h" #include "nsString.h" @@ -148,22 +149,25 @@ nsresult nsExtProtocolChannel::OpenURL() { nsCOMPtr<nsIExternalProtocolService> extProtService( do_GetService(NS_EXTERNALPROTOCOLSERVICE_CONTRACTID)); + auto cleanup = mozilla::MakeScopeExit([&] { + mCallbacks = nullptr; + mListener = nullptr; + }); + if (extProtService) { -#ifdef DEBUG nsAutoCString urlScheme; mUrl->GetScheme(urlScheme); bool haveHandler = false; extProtService->ExternalProtocolHandlerExists(urlScheme.get(), &haveHandler); - NS_ASSERTION(haveHandler, - "Why do we have a channel for this url if we don't support " - "the protocol?"); -#endif + if (!haveHandler) { + return NS_ERROR_UNKNOWN_PROTOCOL; + } RefPtr<mozilla::dom::BrowsingContext> ctx; rv = mLoadInfo->GetTargetBrowsingContext(getter_AddRefs(ctx)); if (NS_FAILED(rv)) { - goto finish; + return rv; } RefPtr<nsIPrincipal> triggeringPrincipal = mLoadInfo->TriggeringPrincipal(); @@ -189,9 +193,6 @@ nsresult nsExtProtocolChannel::OpenURL() { } } -finish: - mCallbacks = nullptr; - mListener = nullptr; return rv; } @@ -497,22 +498,6 @@ nsExternalProtocolHandler::AllowPort(int32_t port, const char* scheme, *_retval = false; return NS_OK; } -// returns TRUE if the OS can handle this protocol scheme and false otherwise. -bool nsExternalProtocolHandler::HaveExternalProtocolHandler(nsIURI* aURI) { - MOZ_ASSERT(aURI); - nsAutoCString scheme; - aURI->GetScheme(scheme); - - nsCOMPtr<nsIExternalProtocolService> extProtSvc( - do_GetService(NS_EXTERNALPROTOCOLSERVICE_CONTRACTID)); - if (!extProtSvc) { - return false; - } - - bool haveHandler = false; - extProtSvc->ExternalProtocolHandlerExists(scheme.get(), &haveHandler); - return haveHandler; -} NS_IMETHODIMP nsExternalProtocolHandler::NewChannel(nsIURI* aURI, nsILoadInfo* aLoadInfo, @@ -520,14 +505,6 @@ nsExternalProtocolHandler::NewChannel(nsIURI* aURI, nsILoadInfo* aLoadInfo, NS_ENSURE_TRUE(aURI, NS_ERROR_UNKNOWN_PROTOCOL); NS_ENSURE_TRUE(aRetval, NS_ERROR_UNKNOWN_PROTOCOL); - // Only try to return a channel if we have a protocol handler for the url. - // nsOSHelperAppService::LoadUriInternal relies on this to check trustedness - // for some platforms at least. (win uses ::ShellExecute and unix uses - // gnome_url_show.) - if (!HaveExternalProtocolHandler(aURI)) { - return NS_ERROR_UNKNOWN_PROTOCOL; - } - nsCOMPtr<nsIChannel> channel = new nsExtProtocolChannel(aURI, aLoadInfo); channel.forget(aRetval); return NS_OK; diff --git a/uriloader/exthandler/nsExternalProtocolHandler.h b/uriloader/exthandler/nsExternalProtocolHandler.h index 373223bc39..0b5b73da5c 100644 --- a/uriloader/exthandler/nsExternalProtocolHandler.h +++ b/uriloader/exthandler/nsExternalProtocolHandler.h @@ -30,7 +30,6 @@ class nsExternalProtocolHandler final : public nsIExternalProtocolHandler, ~nsExternalProtocolHandler(); // helper function - bool HaveExternalProtocolHandler(nsIURI* aURI); nsCString m_schemeName; }; diff --git a/uriloader/exthandler/tests/mochitest/save_filenames.html b/uriloader/exthandler/tests/mochitest/save_filenames.html index 1535a0f657..c29285ec40 100644 --- a/uriloader/exthandler/tests/mochitest/save_filenames.html +++ b/uriloader/exthandler/tests/mochitest/save_filenames.html @@ -18,7 +18,7 @@ <img id="i1" src="http://localhost:8000/save_filename.sjs?type=png&filename=simple.png" data-filename="simple.png"> <!-- invalid characters in the filename --> -<img id="i2" src="http://localhost:8000/save_filename.sjs?type=png&filename=invalidfilename/a:b*c%63d.png" data-filename="invalidfilename_a b ccd.png"> +<img id="i2" src="http://localhost:8000/save_filename.sjs?type=png&filename=invalidfilename/a:b*c%63d.png" data-filename="invalidfilename_a_b_ccd.png"> <!-- invalid extension for a png image --> <img id="i3" src="http://localhost:8000/save_filename.sjs?type=png&filename=invalidextension.pang" data-filename="invalidextension.png"> diff --git a/uriloader/exthandler/tests/mochitest/test_invalidCharFileExtension.xhtml b/uriloader/exthandler/tests/mochitest/test_invalidCharFileExtension.xhtml index 177af3757f..d7c796589f 100644 --- a/uriloader/exthandler/tests/mochitest/test_invalidCharFileExtension.xhtml +++ b/uriloader/exthandler/tests/mochitest/test_invalidCharFileExtension.xhtml @@ -11,7 +11,7 @@ var tests = [ ["test.png:large", "test.png"], ["test.png/large", "test.png"], - [":test.png::large:", "test.png"], + [":test.png::large:", "_test.png"], ]; add_task(async function() { diff --git a/uriloader/exthandler/tests/unit/test_filename_sanitize.js b/uriloader/exthandler/tests/unit/test_filename_sanitize.js index d8ab12c266..2cc0f2844a 100644 --- a/uriloader/exthandler/tests/unit/test_filename_sanitize.js +++ b/uriloader/exthandler/tests/unit/test_filename_sanitize.js @@ -31,8 +31,9 @@ add_task(async function validate_filename_method() { Assert.equal(checkFilename("\\path.png", 0), "_path.png"); Assert.equal( checkFilename("\\path*and/$?~file.png", 0), - "_path and_$ ~file.png" + "_path_and_$_~file.png" ); + Assert.equal( checkFilename(" \u180e whit\u180ee.png \u180e", 0), "whit\u180ee.png" @@ -103,12 +104,12 @@ add_task(async function validate_filename_method() { // For whatever reason, the Android mime handler accepts the .jpeg // extension for image/png, so skip this test there. if (AppConstants.platform != "android") { - Assert.equal(checkFilename("thi/*rd.jpeg", 0), "thi_ rd.png"); + Assert.equal(checkFilename("thi/*rd.jpeg", 0), "thi__rd.png"); } Assert.equal( checkFilename("f*\\ourth file.jpg", mimeService.VALIDATE_SANITIZE_ONLY), - "f _ourth file.jpg" + "f__ourth file.jpg" ); Assert.equal( checkFilename( @@ -116,7 +117,7 @@ add_task(async function validate_filename_method() { mimeService.VALIDATE_SANITIZE_ONLY | mimeService.VALIDATE_DONT_COLLAPSE_WHITESPACE ), - "f _ift h.jpe _g" + "f__ift h.jpe__g" ); Assert.equal(checkFilename("sixth.j pe/*g", 0), "sixth.png"); @@ -157,25 +158,25 @@ add_task(async function validate_filename_method() { repeatStr.substring(0, 254 - ext.length) + ext ); - ext = "lo%?n/ginvalid? ch\\ars"; + ext = "lo#?n/ginvalid? ch\\ars"; Assert.equal( checkFilename(repeatStr + ext, mimeService.VALIDATE_SANITIZE_ONLY), - repeatStr + "lo% n_" + repeatStr + "lo#_n_" ); - ext = ".long/invalid%? ch\\ars"; + ext = ".long/invalid#? ch\\ars"; Assert.equal( checkFilename(repeatStr + ext, mimeService.VALIDATE_SANITIZE_ONLY), - repeatStr.substring(0, 233) + ".long_invalid% ch_ars" + repeatStr.substring(0, 232) + ".long_invalid#_ch_ars" ); Assert.equal( checkFilename("test_テスト_T\x83E\\S\x83T.png", 0), - "test_テスト_T E_S T.png" + "test_テスト_T_E_S_T.png" ); Assert.equal( checkFilename("test_テスト_T\x83E\\S\x83T.pテ\x83ng", 0), - "test_テスト_T E_S T.png" + "test_テスト_T_E_S_T.png" ); // Check we don't invalidate surrogate pairs when trimming. @@ -248,11 +249,11 @@ add_task(async function validate_filename_method() { // cropped to fit into 255 bytes. Assert.equal( mimeService.validateFileNameForSaving( - "라이브9.9만 시청컬처렐 다이제스티브 3박스 - 3박스 더 (뚱랑이 굿즈 증정) - 선물용 쇼핑백 2장컬처렐 다이제스티브 3박스 - 3박스 더 (뚱랑이 굿즈 증정) - 선물용 쇼핑백 2장24%102 000원 브랜드데이 앵콜 🎁 1.등 유산균 컬처렐 특가!", + "라이브9.9만 시청컬처렐 다이제스티브 3박스 - 3박스 더 (뚱랑이 굿즈 증정) - 선물용 쇼핑백 2장컬처렐 다이제스티브 3박스 - 3박스 더 (뚱랑이 굿즈 증정) - 선물용 쇼핑백 2장24%102 000원 브랜드데이 앵콜 🎁 1.등-유산균-컬처렐-특가!", "text/unknown", mimeService.VALIDATE_SANITIZE_ONLY ), - "라이브9.9만 시청컬처렐 다이제스티브 3박스 - 3박스 더 (뚱랑이 굿즈 증정) - 선물용 쇼핑백 2장컬처렐 다이제스티브 3박스 - 3박스 더 (뚱랑이 굿즈 .등 유산균 컬처렐 특가!", + "라이브9.9만 시청컬처렐 다이제스티브 3박스 - 3박스 더 (뚱랑이 굿즈 증정) - 선물용 쇼핑백 2장컬처렐 다이제스티브 3박스 - 3박스 더 (뚱랑이 굿즈 .등-유산균-컬처렐-특가!", "very long filename with extension" ); @@ -270,11 +271,11 @@ add_task(async function validate_filename_method() { // This filename is cropped at 254 bytes. Assert.equal( mimeService.validateFileNameForSaving( - ".라이브99만 시청컬처렐 다이제스티브 3박스 - 3박스 더 (뚱랑이 굿즈 증정) - 선물용 쇼핑백 2장컬처렐 다이제스티브 3박스 - 3박스 더 (뚱랑이 굿즈 증정) - 선물용 쇼핑백 2장24%102 000원 브랜드데이 앵콜 🎁 1등 유산균 컬처렐 특가!", + ".라이브99만 시청컬처렐 다이제스티브 3박스 - 3박스 더 (뚱랑이 굿즈 증정) - 선물용 쇼핑백 2장컬처렐 다이제스티브 3박스 - 3박스 더 (뚱랑이 굿즈 증정) - 선물용 쇼핑백 2장24_102 000원 브랜드데이 앵콜 🎁 1등 유산균 컬처렐 특가!", "text/unknown", mimeService.VALIDATE_SANITIZE_ONLY ), - "라이브99만 시청컬처렐 다이제스티브 3박스 - 3박스 더 (뚱랑이 굿즈 증정) - 선물용 쇼핑백 2장컬처렐 다이제스티브 3박스 - 3박스 더 (뚱랑이 굿즈 증정) - 선물용 쇼핑백 2장24%102 000원 브랜드데", + "라이브99만 시청컬처렐 다이제스티브 3박스 - 3박스 더 (뚱랑이 굿즈 증정) - 선물용 쇼핑백 2장컬처렐 다이제스티브 3박스 - 3박스 더 (뚱랑이 굿즈 증정) - 선물용 쇼핑백 2장24_102 000원 브랜드데", "very filename with extension only" ); @@ -311,7 +312,7 @@ add_task(async function validate_filename_method() { Assert.equal( mimeService.validateFileNameForSaving("filename.lnk\n", "text/unknown", 0), - "filename.lnk.download", + "filename.lnk_", "filename.lnk with newline" ); @@ -321,7 +322,7 @@ add_task(async function validate_filename_method() { "text/unknown", 0 ), - "filename.lnk.download", + "filename.lnk_", "filename.lnk with newline" ); @@ -331,7 +332,7 @@ add_task(async function validate_filename_method() { "text/unknown", 0 ), - "filename. lnk", + "filename.__lnk", "filename.lnk with space and newline" ); @@ -361,7 +362,7 @@ add_task(async function validate_filename_method() { "text/unknown", mimeService.VALIDATE_ALLOW_INVALID_FILENAMES ), - "filename.LNK", + "filename.LNK_", "filename.LNK allow invalid" ); @@ -372,7 +373,7 @@ add_task(async function validate_filename_method() { mimeService.VALIDATE_SANITIZE_ONLY | mimeService.VALIDATE_ALLOW_INVALID_FILENAMES ), - "filename.URL", + "filename.URL_", "filename.URL allow invalid, sanitize only" ); @@ -392,7 +393,7 @@ add_task(async function validate_filename_method() { mimeService.VALIDATE_SANITIZE_ONLY | mimeService.VALIDATE_ALLOW_INVALID_FILENAMES ), - "filename.DESKTOP", + "filename.DESKTOP_", "filename.DESKTOP allow invalid, sanitize only" ); }); diff --git a/uriloader/exthandler/win/nsOSHelperAppService.h b/uriloader/exthandler/win/nsOSHelperAppService.h index e2bce86d5b..5c7d0728cd 100644 --- a/uriloader/exthandler/win/nsOSHelperAppService.h +++ b/uriloader/exthandler/win/nsOSHelperAppService.h @@ -33,7 +33,6 @@ class nsOSHelperAppService : public nsExternalHelperAppService { // override nsIExternalProtocolService methods NS_IMETHOD OSProtocolHandlerExists(const char* aProtocolScheme, bool* aHandlerExists) override; - nsresult LoadUriInternal(nsIURI* aURL); NS_IMETHOD GetApplicationDescription(const nsACString& aScheme, nsAString& _retval) override; |