[tor-commits] [tor-browser] 36/46: Bug 1777207, don't replace extensions of executables when saving on Windows any more; the filename has already been validated and it can cause the filename a user chose to be incorrect, r=mhowell, a=dmeehan
gitolite role
git at cupani.torproject.org
Wed Nov 16 20:43:16 UTC 2022
This is an automated email from the git hooks/post-receive script.
richard pushed a commit to branch base-browser-102.5.0esr-12.0-1
in repository tor-browser.
commit deefa41eab0feff5556091a3743a45042aec0b3b
Author: Neil Deakin <neil at mozilla.com>
AuthorDate: Thu Sep 15 01:26:04 2022 +0000
Bug 1777207, don't replace extensions of executables when saving on Windows any more; the filename has already been validated and it can cause the filename a user chose to be incorrect, r=mhowell, a=dmeehan
Differential Revision: https://phabricator.services.mozilla.com/D156729
---
toolkit/mozapps/downloads/HelperAppDlg.jsm | 23 -----
.../mozapps/downloads/tests/browser/browser.ini | 1 +
.../tests/browser/browser_save_wrongextension.js | 99 ++++++++++++++++++++++
.../tests/mochitest/browser_save_filenames.js | 12 ---
.../exthandler/tests/mochitest/save_filenames.html | 19 ++---
5 files changed, 108 insertions(+), 46 deletions(-)
diff --git a/toolkit/mozapps/downloads/HelperAppDlg.jsm b/toolkit/mozapps/downloads/HelperAppDlg.jsm
index 0a5a4a460bf3..bbd7bc665c7e 100644
--- a/toolkit/mozapps/downloads/HelperAppDlg.jsm
+++ b/toolkit/mozapps/downloads/HelperAppDlg.jsm
@@ -462,29 +462,6 @@ nsUnknownContentTypeDialog.prototype = {
validatedFile = aLocalFolder;
}
- if (AppConstants.platform == "win") {
- let ext;
- try {
- // We can fail here if there's no primary extension set
- ext = "." + this.mLauncher.MIMEInfo.primaryExtension;
- } catch (e) {}
-
- // Append a file extension if it's an executable that doesn't have one
- // but make sure we actually have an extension to add
- let leaf = validatedFile.leafName;
- if (
- ext &&
- !leaf.toLowerCase().endsWith(ext.toLowerCase()) &&
- validatedFile.isExecutable()
- ) {
- validatedFile.remove(false);
- aLocalFolder.leafName = leaf + ext;
- if (!aAllowExisting) {
- validatedFile = DownloadPaths.createNiceUniqueFile(aLocalFolder);
- }
- }
- }
-
return validatedFile;
},
diff --git a/toolkit/mozapps/downloads/tests/browser/browser.ini b/toolkit/mozapps/downloads/tests/browser/browser.ini
index dd20d30199a8..e7a1d6a9bf0d 100644
--- a/toolkit/mozapps/downloads/tests/browser/browser.ini
+++ b/toolkit/mozapps/downloads/tests/browser/browser.ini
@@ -6,6 +6,7 @@ support-files =
unknownContentType_dialog_layout_data.txt^headers^
head.js
+[browser_save_wrongextension.js]
[browser_unknownContentType_blob.js]
[browser_unknownContentType_delayedbutton.js]
skip-if =
diff --git a/toolkit/mozapps/downloads/tests/browser/browser_save_wrongextension.js b/toolkit/mozapps/downloads/tests/browser/browser_save_wrongextension.js
new file mode 100644
index 000000000000..00099a0078da
--- /dev/null
+++ b/toolkit/mozapps/downloads/tests/browser/browser_save_wrongextension.js
@@ -0,0 +1,99 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+"use strict";
+
+let url =
+ "data:text/html,<a id='link' href='http://localhost:8000/thefile.js'>Link</a>";
+
+let MockFilePicker = SpecialPowers.MockFilePicker;
+MockFilePicker.init(window);
+
+let httpServer = null;
+
+add_task(async function test() {
+ const { HttpServer } = ChromeUtils.import(
+ "resource://testing-common/httpd.js"
+ );
+
+ httpServer = new HttpServer();
+ httpServer.start(8000);
+
+ function handleRequest(aRequest, aResponse) {
+ aResponse.setStatusLine(aRequest.httpVersion, 200);
+ aResponse.setHeader("Content-Type", "text/plain");
+ aResponse.write("Some Text");
+ }
+ httpServer.registerPathHandler("/thefile.js", handleRequest);
+
+ let tab = await BrowserTestUtils.openNewForegroundTab(gBrowser, url);
+
+ let popupShownPromise = BrowserTestUtils.waitForEvent(document, "popupshown");
+
+ await BrowserTestUtils.synthesizeMouseAtCenter(
+ "#link",
+ { type: "contextmenu", button: 2 },
+ gBrowser.selectedBrowser
+ );
+ await popupShownPromise;
+
+ let tempDir = createTemporarySaveDirectory();
+ let destFile;
+
+ MockFilePicker.displayDirectory = tempDir;
+ MockFilePicker.showCallback = fp => {
+ let fileName = fp.defaultString;
+ destFile = tempDir.clone();
+ destFile.append(fileName);
+
+ MockFilePicker.setFiles([destFile]);
+ MockFilePicker.filterIndex = 1; // kSaveAsType_URL
+ };
+
+ let transferCompletePromise = new Promise(resolve => {
+ mockTransferCallback = resolve;
+ mockTransferRegisterer.register();
+ });
+
+ registerCleanupFunction(function() {
+ mockTransferRegisterer.unregister();
+ tempDir.remove(true);
+ });
+
+ document.getElementById("context-savelink").doCommand();
+
+ let contextMenu = document.getElementById("contentAreaContextMenu");
+ let popupHiddenPromise = BrowserTestUtils.waitForEvent(
+ document,
+ "popuphidden"
+ );
+ contextMenu.hidePopup();
+ await popupHiddenPromise;
+
+ await transferCompletePromise;
+
+ is(destFile.leafName, "thefile.js", "filename extension is not modified");
+
+ BrowserTestUtils.removeTab(tab);
+});
+
+add_task(async () => {
+ MockFilePicker.cleanup();
+ await new Promise(resolve => httpServer.stop(resolve));
+});
+
+/* import-globals-from ../../../../../toolkit/content/tests/browser/common/mockTransfer.js */
+Services.scriptloader.loadSubScript(
+ "chrome://mochitests/content/browser/toolkit/content/tests/browser/common/mockTransfer.js",
+ this
+);
+
+function createTemporarySaveDirectory() {
+ let saveDir = Services.dirsvc.get("TmpD", Ci.nsIFile);
+ saveDir.append("testsavedir");
+ if (!saveDir.exists()) {
+ saveDir.create(Ci.nsIFile.DIRECTORY_TYPE, 0o755);
+ }
+ return saveDir;
+}
diff --git a/uriloader/exthandler/tests/mochitest/browser_save_filenames.js b/uriloader/exthandler/tests/mochitest/browser_save_filenames.js
index aa816284cefb..af4bf421dfe5 100644
--- a/uriloader/exthandler/tests/mochitest/browser_save_filenames.js
+++ b/uriloader/exthandler/tests/mochitest/browser_save_filenames.js
@@ -202,14 +202,12 @@ function getItems(parentid) {
elem.localName == "img" && elem.dataset.nodrag != "true";
let unknown = elem.dataset.unknown;
let noattach = elem.dataset.noattach;
- let winexeext = elem.dataset.winexeext;
elements.push({
draggable,
unknown,
filename,
url,
noattach,
- winexeext,
});
elem = elem.nextElementSibling;
}
@@ -584,16 +582,6 @@ add_task(async function save_links() {
let filename = PathUtils.filename(download.target.path);
let expectedFilename = expectedItems[idx].filename;
- if (AppConstants.platform == "win") {
- // On Windows, an extension is added to executable files when saving as
- // an attachment to avoid the file looking like an executable. This is
- // done in validateLeafName in HelperAppDlg.jsm.
- // XXXndeakin should we do this for all save mechanisms?
- if (expectedItems[idx].winexeext) {
- expectedFilename += "." + expectedItems[idx].winexeext;
- }
- }
-
// Use checkShortenedFilename to check long filenames.
if (expectedItems[idx].filename.length > 240) {
ok(
diff --git a/uriloader/exthandler/tests/mochitest/save_filenames.html b/uriloader/exthandler/tests/mochitest/save_filenames.html
index 583ba55ba072..0d7004515a9b 100644
--- a/uriloader/exthandler/tests/mochitest/save_filenames.html
+++ b/uriloader/exthandler/tests/mochitest/save_filenames.html
@@ -86,14 +86,13 @@
<!-- simple script -->
<script id="i22" src="http://localhost:8000/save_filename.sjs?type=js&filename=script1.js" data-filename="script1.js"></script>
-<!-- script with invalid extension. Windows doesn't have an association for application/x-javascript
- so doesn't handle it. -->
+<!-- script with invalid extension. -->
<script id="i23" src="http://localhost:8000/save_filename.sjs?type=js&filename=script2.exe"
- data-filename="script2.exe" data-winexeext="js"></script>
+ data-filename="script2.exe"></script>
<!-- script with escaped characters -->
<script id="i24" src="http://localhost:8000/save_filename.sjs?type=js&filename=script%20%33.exe"
- data-filename="script 3.exe" data-winexeext="js"></script>
+ data-filename="script 3.exe"></script>
<!-- script with long filename -->
<script id="i25" src="http://localhost:8000/save_filename.sjs?type=js&filename=script123456789script123456789script123456789script123456789script123456789script123456789script123456789script123456789script123456789script123456789script123456789script123456789script123456789script123456789script123456789script123456789script123456789script123456789.js"
@@ -153,11 +152,11 @@
<!-- script where url filename has no extension and invalid extension in content disposition filename -->
<script id="i41" src="http://localhost:8000/base?type=js&filename=script5.exe"
- data-filename="script5.exe" data-winexeext="js"></script>
+ data-filename="script5.exe"></script>
<!-- script where url filename has no extension and escaped characters in content disposition filename-->
<script id="i42" src="http://localhost:8000/base?type=js&filename=script%20%36.exe"
- data-filename="script 6.exe" data-winexeext="js"></script>
+ data-filename="script 6.exe"></script>
<!-- text where filename is present -->
<img id="i43" src="http://localhost:8000/getdata.png?type=text&filename=readme.txt"
@@ -202,11 +201,9 @@
<img id="i53" src="http://localhost:8000/save_filename.sjs?&filename=notype.png"
data-nodrag="true" data-filename="notype.png">
-<!-- no content type specified. Note that on Windows, .txt is
- appended when saving as an attachment. This is special-cased
- in browser_save_filenames.js. -->
+<!-- no content type specified. -->
<img id="i54" src="http://localhost:8000/save_filename.sjs?&filename=notypebin.exe"
- data-nodrag="true" data-filename="notypebin.exe" data-winexeext="txt">
+ data-nodrag="true" data-filename="notypebin.exe">
<!-- extension contains invalid characters -->
<img id="i55" src="http://localhost:8000/save_filename.sjs?type=png&filename=extinvalid.a?*"
@@ -261,7 +258,7 @@
<!-- simple zip file with differing extension -->
<object id="i68" data="http://localhost:8000/save_filename.sjs?type=zip&filename=simple.jar" data-filename="simple.jar"
- data-unknown="true" data-winexeext="zip"></object>
+ data-unknown="true"></object>
<!-- simple zip file with no extension -->
<object id="i69" data="http://localhost:8000/save_filename.sjs?type=zip&filename=simplepack" data-filename="simplepack.zip"
--
To stop receiving notification emails like this one, please contact
the administrator of this repository.
More information about the tor-commits
mailing list