Merge pull request 'Validate URLs before attempting download' (#13) from feat/issue-2 into main

Reviewed-on: https://git.ch-naseem.com/ndpm13/zap-rs/pulls/13
author: Naz <ndpm13@ch-naseem.com> 2025-08-05 08:07:07 +0100
committer: Naz <ndpm13@ch-naseem.com> 2025-08-05 08:07:07 +0100
commit: 896282dc598f54b1e8b9169a74a344ba23f580ea (patch)
tree: 313019595371f181660d1702390591ac74d2c6a6
parent: 1c7a6ec20f232a8b79192c176d850c4235722ec2 (diff)
parent: c72e431e92c04495a960cb51cf39fc522d858860 (diff)
2 files changed, 44 insertions, 0 deletions
diff --git a/src/downloader.rs b/src/downloader.rs
index 0141424..e40d5d1 100644
--- a/src/downloader.rs
+++ b/src/downloader.rs
@@ -20,6 +20,43 @@ impl Downloader {
 
         Ok(appimages_dir()?.join(filename))
     }
+    pub fn validate_response(&self, resp: &reqwest::Response) -> Result<()> {
+        if !resp.status().is_success() {
+            return Err(Error::Download {
+                url: resp.url().to_string(),
+                source: resp.error_for_status_ref().unwrap_err(),
+            });
+        }
+
+        if let Some(len) = resp.content_length() {
+            if len < 1024 {
+                return Err(Error::InvalidAppImage);
+            }
+        }
+
+        let content_type = resp
+            .headers()
+            .get("content-type")
+            .and_then(|ct| ct.to_str().ok())
+            .unwrap_or("")
+            .to_lowercase();
+
+        let is_binary = matches!(
+            content_type.as_str(),
+            "application/octet-stream"
+                | "application/vnd.appimage"
+                | "application/x-executable"
+                | "application/x-elf"
+                | "binary/octet-stream"
+                | "application/binary",
+        );
+
+        if !is_binary {
+            return Err(Error::InvalidAppImage);
+        }
+
+        Ok(())
+    }
     pub async fn download_with_progress(&self, url: &str, path: &PathBuf) -> Result<()> {
         fs::create_dir_all(&appimages_dir()?).await?;
 
@@ -29,6 +66,9 @@ impl Downloader {
                 url: url.to_string(),
                 source,
             })?;
+
+        self.validate_response(&resp)?;
+
         let total_size = resp.content_length().unwrap_or(0);
 
         let bar = make_progress_bar(total_size)?;
diff --git a/src/error.rs b/src/error.rs
index b473469..25fc685 100644
--- a/src/error.rs
+++ b/src/error.rs
@@ -10,6 +10,7 @@ pub enum Error {
         url: String,
         source: reqwest::Error,
     },
+    InvalidAppImage,
 
     #[from]
     Io(std::io::Error),
@@ -56,6 +57,9 @@ impl core::fmt::Display for Error {
                     write!(fmt, "Failed to download from {url}: {source}")
                 }
             }
+            Error::InvalidAppImage => {
+                write!(fmt, "Invalid AppImage")
+            }
         }
     }
 }
author	Naz <ndpm13@ch-naseem.com>	2025-08-05 08:07:07 +0100
committer	Naz <ndpm13@ch-naseem.com>	2025-08-05 08:07:07 +0100
commit	896282dc598f54b1e8b9169a74a344ba23f580ea (patch)
tree	313019595371f181660d1702390591ac74d2c6a6
parent	1c7a6ec20f232a8b79192c176d850c4235722ec2 (diff)
parent	c72e431e92c04495a960cb51cf39fc522d858860 (diff)