From c72e431e92c04495a960cb51cf39fc522d858860 Mon Sep 17 00:00:00 2001
From: Naz
Date: Tue, 5 Aug 2025 08:03:03 +0100
Subject: =?UTF-8?q?=E2=9C=A8feat:=20add=20some=20validation=20for=20AppIma?= =?UTF-8?q?ge=20downloads?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 src/downloader.rs | 40 ++++++++++++++++++++++++++++++++++++++++
 src/error.rs | 4 ++++
 2 files changed, 44 insertions(+)
diff --git a/src/downloader.rs b/src/downloader.rs
index 0141424..e40d5d1 100644
--- a/src/downloader.rs
+++ b/src/downloader.rs
@@ -20,6 +20,43 @@ impl Downloader {
 Ok(appimages_dir()?.join(filename))
 }
+ pub fn validate_response(&self, resp: &reqwest::Response) -> Result<()> {
+ if !resp.status().is_success() {
+ return Err(Error::Download {
+ url: resp.url().to_string(),
+ source: resp.error_for_status_ref().unwrap_err(),
+ });
+ }
+
+ if let Some(len) = resp.content_length() {
+ if len < 1024 {
+ return Err(Error::InvalidAppImage);
+ }
+ }
+
+ let content_type = resp
+ .headers()
+ .get("content-type")
+ .and_then(|ct| ct.to_str().ok())
+ .unwrap_or("")
+ .to_lowercase();
+
+ let is_binary = matches!(
+ content_type.as_str(),
+ "application/octet-stream"
+ | "application/vnd.appimage"
+ | "application/x-executable"
+ | "application/x-elf"
+ | "binary/octet-stream"
+ | "application/binary",
+ );
+
+ if !is_binary {
+ return Err(Error::InvalidAppImage);
+ }
+
+ Ok(())
+ }
 pub async fn download_with_progress(&self, url: &str, path: &PathBuf) -> Result<()> {
 fs::create_dir_all(&appimages_dir()?).await?;
@@ -29,6 +66,9 @@ impl Downloader {
 url: url.to_string(),
 source,
 })?;
+
+ self.validate_response(&resp)?;
+
 let total_size = resp.content_length().unwrap_or(0);
 let bar = make_progress_bar(total_size)?;
diff --git a/src/error.rs b/src/error.rs
index b473469..25fc685 100644
--- a/src/error.rs
+++ b/src/error.rs
@@ -10,6 +10,7 @@ pub enum Error {
 url: String,
 source: reqwest::Error,
 },
+ InvalidAppImage,
 #[from]
 Io(std::io::Error),
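Review bot: `resp.error_for_status_ref().unwrap_err()` at the top of `validate_response` can panic, because reqwest only turns 4xx/5xx statuses into an error while `!resp.status().is_success()` is also true for 1xx and 3xx. A server that answers with a 3xx that reqwest hands back (304, or a redirect the client's policy does not follow) makes `error_for_status_ref()` return `Ok`, and the unwrap then aborts the process on remote-controlled input. Take the error with `if let Err(source) = ...` and map the remaining non-2xx statuses to an ordinary error (reusing `Error::InvalidAppImage` below; a dedicated variant would be clearer). Separately, the `matches!` compares the whole header value, so a value with parameters such as `application/octet-stream; charset=binary` is rejected; compare only the part before `;`.

```rust
pub fn validate_response(&self, resp: &reqwest::Response) -> Result<()> {
    // 4xx/5xx carry a reqwest error; keep reporting them as Error::Download.
    if let Err(source) = resp.error_for_status_ref() {
        return Err(Error::Download {
            url: resp.url().to_string(),
            source,
        });
    }
    // 1xx/3xx are not errors for reqwest, but they are not a download either.
    if !resp.status().is_success() {
        return Err(Error::InvalidAppImage);
    }

    // … unchanged: content-length check …

    let content_type = resp
        // … unchanged: .headers().get("content-type").and_then(to_str) …
        .and_then(|ct| ct.split(';').next())
        .map(|ct| ct.trim().to_ascii_lowercase())
        .unwrap_or_default();

    // … unchanged: is_binary match and return …
```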
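Review bot: The only gate before the body is consumed is `self.validate_response(&resp)?`, which reads the status, `Content-Length` and `Content-Type`; the server chooses all three, so the call does not establish that the bytes are an AppImage. `download_with_progress` continues outside the hunk, so what happens after the write is not visible here. If nothing there inspects the file, add a check once the download completes that it starts with the ELF magic `\x7fELF` (and, for type-2 AppImages, the `AI\x02` marker at offset 8) and that the number of bytes written equals `total_size` when the header was present. Where the source publishes a checksum or signature, verifying it before the file is made executable is the stronger control.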
@@ -56,6 +57,9 @@ impl core::fmt::Display for Error {
 write!(fmt, "Failed to download from {url}: {source}")
 }
 }
+ Error::InvalidAppImage => {
+ write!(fmt, "Invalid AppImage")
+ }
 }
 }
 }
-- 
cgit v1.2.3
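Review bot: `Error::InvalidAppImage` carries no data, so the `Display` arm added here prints the same `Invalid AppImage` for a body under 1024 bytes, a missing `Content-Type` and an unexpected one, and it omits the URL that `Error::Download` reports. For a rejection meant as a safety check, the log should say which check fired and for which source. Consider giving the variant `url` and `reason` fields (this also touches the enum hunk above) and formatting them, e.g. `write!(fmt, "Invalid AppImage from {url}: {reason}")`. The `Display` impl starts outside this hunk.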