mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-10-09 03:15:11 +00:00
Bug 1648964 - Improve content-type header handling, r=webdriver-reviewers,whimboo
Differential Revision: https://phabricator.services.mozilla.com/D81533
This commit is contained in:
parent
3a75881b45
commit
424c9f55f4
@ -279,12 +279,37 @@ fn build_route<U: 'static + WebDriverExtensionRoute + Send + Sync>(
|
||||
.and(warp::path::end())
|
||||
.and(warp::path::full())
|
||||
.and(warp::method())
|
||||
.and(warp::header::optional::<String>("content-type"))
|
||||
.and(warp::body::bytes())
|
||||
.map(
|
||||
move |params, full_path: warp::path::FullPath, method, body: Bytes| {
|
||||
move |params,
|
||||
full_path: warp::path::FullPath,
|
||||
method,
|
||||
content_type_header: Option<String>,
|
||||
body: Bytes| {
|
||||
if method == Method::HEAD {
|
||||
return warp::reply::with_status("".into(), StatusCode::OK);
|
||||
}
|
||||
if method == Method::POST {
|
||||
// Disallow CORS-safelisted request headers
|
||||
// c.f. https://fetch.spec.whatwg.org/#cors-safelisted-request-header
|
||||
let content_type = content_type_header
|
||||
.as_ref()
|
||||
.map(|x| x.find(';').and_then(|idx| x.get(0..idx)).unwrap_or(x))
|
||||
.map(|x| x.trim())
|
||||
.map(|x| x.to_lowercase());
|
||||
match content_type.as_ref().map(|x| x.as_ref()) {
|
||||
Some("application/x-www-form-urlencoded")
|
||||
| Some("multipart/form-data")
|
||||
| Some("text/plain") => {
|
||||
return warp::reply::with_status(
|
||||
"Invalid content-type".to_string(),
|
||||
StatusCode::BAD_REQUEST,
|
||||
)
|
||||
}
|
||||
Some(_) | None => {}
|
||||
}
|
||||
}
|
||||
let body = String::from_utf8(body.bytes().to_vec());
|
||||
if body.is_err() {
|
||||
return warp::reply::with_status(
|
||||
|
Loading…
Reference in New Issue
Block a user