def test_webextension_crx_version_cant_unpack(self): file_ = SimpleUploadedFile( 'foo.crx', b'Cr24\x02\x00\x00\x00&\x00\x00\x00\x01\x00\x00') with self.assertRaises(utils.InvalidOrUnsupportedCrx) as exc: utils.write_crx_as_xpi(file_, self.target) assert str(exc.exception) == 'Invalid or corrupt CRX file' # It's the caller responsability to move the original file there, as if # it was a regular zip, since we couldn't convert it. assert not storage.exists(self.target)
def add_file(self, chunks, filename, size): if not self.uuid: self.uuid = self._meta.get_field('uuid')._create_uuid() filename = force_text(u'{0}_{1}'.format(self.uuid.hex, filename)) loc = os.path.join(user_media_path('addons'), 'temp', uuid.uuid4().hex) base, ext = os.path.splitext(filename) is_crx = False # Change a ZIP to an XPI, to maintain backward compatibility # with older versions of Firefox and to keep the rest of the XPI code # path as consistent as possible for ZIP uploads. # See: https://github.com/mozilla/addons-server/pull/2785 if ext == '.zip': ext = '.xpi' # If the extension is a CRX, we need to do some actual work to it # before we just convert it to an XPI. We strip the header from the # CRX, then it's good; see more about the CRX file format here: # https://developer.chrome.com/extensions/crx if ext == '.crx': ext = '.xpi' is_crx = True if ext in amo.VALID_ADDON_FILE_EXTENSIONS: loc += ext log.info('UPLOAD: %r (%s bytes) to %r' % (filename, size, loc), extra={ 'email': (self.user.email if self.user and self.user.email else '') }) if is_crx: hash_func = write_crx_as_xpi(chunks, loc) else: hash_func = hashlib.sha256() with storage.open(loc, 'wb') as file_destination: for chunk in chunks: hash_func.update(chunk) file_destination.write(chunk) self.path = loc self.name = filename self.hash = 'sha256:%s' % hash_func.hexdigest() self.save()
def add_file(self, chunks, filename, size): if not self.uuid: self.uuid = self._meta.get_field('uuid')._create_uuid() _base, ext = os.path.splitext(filename) was_crx = ext == '.crx' # Filename we'll expose (but not use for storage). self.name = force_str('{0}_{1}'.format(self.uuid.hex, filename)) # Final path on our filesystem. If it had a valid extension we change # it to .xpi (CRX files are converted before validation, so they will # be treated as normal .xpi for validation). If somehow this is # not a valid archive or the extension is invalid parse_addon() will # eventually complain at validation time or before even reaching the # linter. if ext in amo.VALID_ADDON_FILE_EXTENSIONS: ext = '.xpi' self.path = os.path.join(user_media_path('addons'), 'temp', '{0}{1}'.format(uuid.uuid4().hex, ext)) hash_obj = None if was_crx: try: hash_obj = write_crx_as_xpi(chunks, self.path) except InvalidOrUnsupportedCrx: # We couldn't convert the crx file. Write it to the filesystem # normally, the validation process should reject this with a # proper error later. pass if hash_obj is None: hash_obj = self.write_data_to_path(chunks) self.hash = 'sha256:%s' % hash_obj.hexdigest() # The following log statement is used by foxsec-pipeline. log.info( 'UPLOAD: %r (%s bytes) to %r' % (self.name, size, self.path), extra={ 'email': (self.user.email if self.user and self.user.email else ''), 'upload_hash': self.hash, }, ) self.save()
def add_file(self, chunks, filename, size): if not self.uuid: self.uuid = self._meta.get_field('uuid')._create_uuid() filename = force_bytes(u'{0}_{1}'.format(self.uuid.hex, filename)) loc = os.path.join(user_media_path('addons'), 'temp', uuid.uuid4().hex) base, ext = os.path.splitext(force_bytes(filename)) is_crx = False # Change a ZIP to an XPI, to maintain backward compatibility # with older versions of Firefox and to keep the rest of the XPI code # path as consistent as possible for ZIP uploads. # See: https://github.com/mozilla/addons-server/pull/2785 if ext == '.zip': ext = '.xpi' # If the extension is a CRX, we need to do some actual work to it # before we just convert it to an XPI. We strip the header from the # CRX, then it's good; see more about the CRX file format here: # https://developer.chrome.com/extensions/crx if ext == '.crx': ext = '.xpi' is_crx = True if ext in EXTENSIONS: loc += ext log.info('UPLOAD: %r (%s bytes) to %r' % (filename, size, loc)) if is_crx: hash = write_crx_as_xpi(chunks, storage, loc) else: hash = hashlib.sha256() with storage.open(loc, 'wb') as file_destination: for chunk in chunks: hash.update(chunk) file_destination.write(chunk) self.path = loc self.name = filename self.hash = 'sha256:%s' % hash.hexdigest() self.save()
def test_webextension_crx_version_3(self): path = os.path.join(self.prefix, 'webextension_crx3.crx') with open(path, 'rb') as source: utils.write_crx_as_xpi(source, self.target) assert zipfile.is_zipfile(self.target)