From c72e431e92c04495a960cb51cf39fc522d858860 Mon Sep 17 00:00:00 2001
From: Naz
Date: Tue, 5 Aug 2025 08:03:03 +0100
Subject: =?UTF-8?q?=E2=9C=A8feat:=20add=20some=20validation=20for=20AppIma?= =?UTF-8?q?ge=20downloads?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 src/downloader.rs | 40 ++++++++++++++++++++++++++++++++++++++++
 1 file changed, 40 insertions(+)
(limited to 'src/downloader.rs')
diff --git a/src/downloader.rs b/src/downloader.rs
index 0141424..e40d5d1 100644
--- a/src/downloader.rs
+++ b/src/downloader.rs
@@ -20,6 +20,43 @@ impl Downloader {
 Ok(appimages_dir()?.join(filename))
 }
+ pub fn validate_response(&self, resp: &reqwest::Response) -> Result<()> {
+ if !resp.status().is_success() {
+ return Err(Error::Download {
+ url: resp.url().to_string(),
+ source: resp.error_for_status_ref().unwrap_err(),
+ });
+ }
+
+ if let Some(len) = resp.content_length() {
+ if len < 1024 {
+ return Err(Error::InvalidAppImage);
+ }
+ }
+
+ let content_type = resp
+ .headers()
+ .get("content-type")
+ .and_then(|ct| ct.to_str().ok())
+ .unwrap_or("")
+ .to_lowercase();
+
+ let is_binary = matches!(
+ content_type.as_str(),
+ "application/octet-stream"
+ | "application/vnd.appimage"
+ | "application/x-executable"
+ | "application/x-elf"
+ | "binary/octet-stream"
+ | "application/binary",
+ );
+
+ if !is_binary {
+ return Err(Error::InvalidAppImage);
+ }
+
+ Ok(())
+ }
 pub async fn download_with_progress(&self, url: &str, path: &PathBuf) -> Result<()> {
 fs::create_dir_all(&appimages_dir()?).await?;
@@ -29,6 +66,9 @@ impl Downloader {
 url: url.to_string(),
 source,
 })?;
+
+ self.validate_response(&resp)?;
+
 let total_size = resp.content_length().unwrap_or(0);
 let bar = make_progress_bar(total_size)?;
--
cgit v1.2.3
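Review bot: The status branch at the top of `validate_response` can panic: `!resp.status().is_success()` is also true for 1xx and 3xx responses (a 304, or a redirect the client did not follow), while `error_for_status_ref()` returns `Err` only for 4xx/5xx, so `unwrap_err()` is then called on an `Ok`. Take the error from `error_for_status_ref()` directly and handle the remaining non-2xx codes in a second check, as sketched below; `Error::InvalidAppImage` is used there only because it is the other variant visible in this hunk. Separately, the `matches!` compares the entire `content-type` value, so a value that carries parameters (`application/octet-stream; charset=binary`) is rejected; comparing only the trimmed part before `;` would avoid that.

```rust
pub fn validate_response(&self, resp: &reqwest::Response) -> Result<()> {
    // error_for_status_ref() is Err only for 4xx/5xx, so take the error from it directly.
    if let Err(source) = resp.error_for_status_ref() {
        return Err(Error::Download {
            url: resp.url().to_string(),
            source,
        });
    }
    // Remaining non-2xx codes (1xx/3xx) carry no reqwest error to attach.
    if !resp.status().is_success() {
        return Err(Error::InvalidAppImage);
    }
    // … unchanged: content-length and content-type checks …
```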
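Review bot: The `self.validate_response(&resp)?` call added here checks response headers only, so everything it accepts is what the server claims: a response without `Content-Length` skips the 1024-byte floor, and the `Content-Type` says nothing about the bytes that end up at `path`. The rest of `download_with_progress` lies outside this hunk and may already cover this, but if it does not, the written file should be checked too (for example that it begins with the ELF magic `\x7fELF` and that its final size meets the same floor) and removed on failure. At minimum, add a comment at the call such as `// Header-level sanity check only; does not verify the downloaded bytes.` Protection against a tampered or substituted download would still need a checksum or signature comparison, which this commit does not add.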