[libsoup: 3/10] sniffing: Implement handling of the X-Content-Type-Options header

[Dan Winship <danw src gnome org>]

commit b766f11049d98f54980f64a6261914610e4e5116
Author: Gustavo Noronha Silva <gns gnome org>
Date:   Sun Dec 8 20:04:48 2013 +0100

    sniffing: Implement handling of the X-Content-Type-Options header

 libsoup/soup-content-sniffer.c |    6 +++++-
 tests/sniffing-test.c          |   19 +++++++++++++++++++
 2 files changed, 24 insertions(+), 1 deletions(-)
---
diff --git a/libsoup/soup-content-sniffer.c b/libsoup/soup-content-sniffer.c
index e16658b..6dec3e3 100644
--- a/libsoup/soup-content-sniffer.c
+++ b/libsoup/soup-content-sniffer.c
@@ -477,6 +477,7 @@ soup_content_sniffer_real_sniff (SoupContentSniffer *sniffer, SoupMessage *msg,
                                 SoupBuffer *buffer, GHashTable **params)
 {
        const char *content_type;
+       const char *x_content_type_options;
 
        content_type = soup_message_headers_get_content_type (msg->response_headers, params);
 
@@ -489,7 +490,10 @@ soup_content_sniffer_real_sniff (SoupContentSniffer *sniffer, SoupMessage *msg,
            !g_ascii_strcasecmp (content_type, "*/*"))
                return sniff_unknown (sniffer, buffer, FALSE);
 
-       /* TODO: 2. no-sniff flag handling. */
+       /* 2. If nosniff is specified in X-Content-Type-Options use the supplied MIME type. */
+       x_content_type_options = soup_message_headers_get_one (msg->response_headers, 
"X-Content-Type-Options");
+       if (!g_strcmp0 (x_content_type_options, "nosniff"))
+               return g_strdup (content_type);
 
        /* 3. check-for-apache-bug */
        if ((content_type != NULL) &&
diff --git a/tests/sniffing-test.c b/tests/sniffing-test.c
index b668f40..a8bc3ff 100644
--- a/tests/sniffing-test.c
+++ b/tests/sniffing-test.c
@@ -49,6 +49,20 @@ server_callback (SoupServer *server, SoupMessage *msg,
                                             "Content-Type", "text/plain");
        }
 
+       if (g_str_has_prefix (path, "/nosniff/")) {
+               char *base_name = g_path_get_basename (path);
+
+               response = soup_test_load_resource (base_name, &error);
+               g_assert_no_error (error);
+               g_free (base_name);
+
+               soup_message_headers_append (msg->response_headers,
+                                            "X-Content-Type-Options", "nosniff");
+
+               soup_message_headers_append (msg->response_headers,
+                                            "Content-Type", "no/sniffing-allowed");
+       }
+
        if (g_str_has_prefix (path, "/text_or_binary/") || g_str_has_prefix (path, "/apache_bug/")) {
                char *base_name = g_path_get_basename (path);
 
@@ -450,6 +464,11 @@ main (int argc, char **argv)
                              "/apache_bug/text.txt => text/plain",
                              do_sniffing_test);
 
+       /* X-Content-Type-Options: nosniff */
+       g_test_add_data_func ("/sniffing/nosniff",
+                             "nosniff/home.gif => no/sniffing-allowed",
+                             do_sniffing_test);
+
        /* GIF is a 'safe' type */
        g_test_add_data_func ("/sniffing/type/gif",
                              "text_or_binary/home.gif => image/gif",