[tor-commits] [Git][tpo/applications/tor-browser][tor-browser-128.2.0esr-14.0-1] Bug 42220: Allow for more file types to be forced-inline.

Pier Angelo Vendrame (@pierov) git at gitlab.torproject.org
Wed Sep 18 13:35:16 UTC 2024 


Pier Angelo Vendrame pushed to branch tor-browser-128.2.0esr-14.0-1 at The Tor Project / Applications / Tor Browser


Commits:
06801c8d by Pier Angelo Vendrame at 2024-09-18T15:21:28+02:00
Bug 42220: Allow for more file types to be forced-inline.

Firefox allows to open some files in the browser without any
confirmation, but this will result in a disk leak, because the file will
be downloaded to the temporary directory first (and not deleted, in some
cases).
A preference allows PDFs to be opened without being downloaded to disk.
So, we introduce a similar one to do the same for all the files that are
set to be opened automatically in the browser.

- - - - -


2 changed files:

- modules/libpref/init/StaticPrefList.yaml
- uriloader/base/nsURILoader.cpp


Changes:

=====================================
modules/libpref/init/StaticPrefList.yaml
=====================================
@@ -1446,6 +1446,12 @@
   value: false
   mirror: always
 
+# tor-browser#42220
+- name: browser.download.ignore_content_disposition
+  type: bool
+  value: true
+  mirror: always
+
 # See bug 1811830
 - name: browser.download.force_save_internally_handled_attachments
   type: bool


=====================================
uriloader/base/nsURILoader.cpp
=====================================
@@ -292,34 +292,42 @@ nsresult nsDocumentOpenInfo::DispatchContent(nsIRequest* request) {
   LOG(("  forceExternalHandling: %s", forceExternalHandling ? "yes" : "no"));
 
   if (forceExternalHandling &&
-      mozilla::StaticPrefs::browser_download_open_pdf_attachments_inline()) {
+      (mozilla::StaticPrefs::browser_download_open_pdf_attachments_inline() ||
+       mozilla::StaticPrefs::browser_download_ignore_content_disposition())) {
     // Check if this is a PDF which should be opened internally. We also handle
     // octet-streams that look like they might be PDFs based on their extension.
     bool isPDF = mContentType.LowerCaseEqualsASCII(APPLICATION_PDF);
-    if (!isPDF &&
-        (mContentType.LowerCaseEqualsASCII(APPLICATION_OCTET_STREAM) ||
-         mContentType.IsEmpty())) {
+    nsAutoCString ext;
+    if (mContentType.LowerCaseEqualsASCII(APPLICATION_OCTET_STREAM) ||
+        mContentType.IsEmpty()) {
       nsAutoString flname;
       aChannel->GetContentDispositionFilename(flname);
-      isPDF = StringEndsWith(flname, u".pdf"_ns);
-      if (!isPDF) {
+      if (!flname.IsEmpty()) {
+        int32_t extStart = flname.RFindChar(u'.');
+        if (extStart != kNotFound) {
+          CopyUTF16toUTF8(Substring(flname, extStart + 1), ext);
+        }
+      }
+      if (ext.IsEmpty() || (!mozilla::StaticPrefs::
+                                browser_download_ignore_content_disposition() &&
+                            !ext.EqualsLiteral("pdf"))) {
         nsCOMPtr<nsIURI> uri;
         aChannel->GetURI(getter_AddRefs(uri));
         nsCOMPtr<nsIURL> url(do_QueryInterface(uri));
         if (url) {
-          nsAutoCString ext;
           url->GetFileExtension(ext);
-          isPDF = ext.EqualsLiteral("pdf");
         }
       }
+      isPDF = ext.EqualsLiteral("pdf");
     }
 
-    // For a PDF, check if the preference is set that forces attachments to be
-    // opened inline. If so, treat it as a non-attachment by clearing
-    // 'forceExternalHandling' again. This allows it open a PDF directly
-    // instead of downloading it first. It may still end up being handled by
-    // a helper app depending anyway on the later checks.
-    if (isPDF) {
+    // One of the preferences to forces attachments to be opened inline is set.
+    // If so, treat it as a non-attachment by clearing 'forceExternalHandling'
+    // again. This allows it open a file directly instead of downloading it
+    // first. It may still end up being handled by a helper app depending anyway
+    // on the later checks.
+    if (mozilla::StaticPrefs::browser_download_ignore_content_disposition() ||
+        isPDF) {
       nsCOMPtr<nsILoadInfo> loadInfo;
       aChannel->GetLoadInfo(getter_AddRefs(loadInfo));
 
@@ -328,8 +336,13 @@ nsresult nsDocumentOpenInfo::DispatchContent(nsIRequest* request) {
       nsCOMPtr<nsIMIMEService> mimeSvc(
           do_GetService(NS_MIMESERVICE_CONTRACTID));
       NS_ENSURE_TRUE(mimeSvc, NS_ERROR_FAILURE);
-      mimeSvc->GetFromTypeAndExtension(nsLiteralCString(APPLICATION_PDF), ""_ns,
-                                       getter_AddRefs(mimeInfo));
+      if (isPDF) {
+        mimeSvc->GetFromTypeAndExtension(nsLiteralCString(APPLICATION_PDF),
+                                         ""_ns, getter_AddRefs(mimeInfo));
+      } else {
+        mimeSvc->GetFromTypeAndExtension(mContentType, ext,
+                                         getter_AddRefs(mimeInfo));
+      }
 
       if (mimeInfo) {
         int32_t action = nsIMIMEInfo::saveToDisk;



View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/06801c8d750a70e52aa1869238f92f219106f249

-- 
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/commit/06801c8d750a70e52aa1869238f92f219106f249
You're receiving this email because of your account on gitlab.torproject.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-commits/attachments/20240918/4929b733/attachment-0001.htm>

More information about the tor-commits mailing list