def rezip_file(response, pk):
# An .xpi does not have a directory inside the zip, yet zips from github
# do, so we'll need to rezip the file before passing it through to the
# validator.
loc = os.path.join(user_media_path('addons'), 'temp', uuid.uuid4().hex)
old_filename = '{}_github_webhook.zip'.format(pk)
old_path = os.path.join(loc, old_filename)
with storage.open(old_path, 'wb') as old:
old.write(response.content)
new_filename = '{}_github_webhook.xpi'.format(pk)
new_path = os.path.join(loc, new_filename)
old_zip = SafeUnzip(old_path)
if not old_zip.is_valid():
raise
with storage.open(new_path, 'w') as new:
new_zip = zipfile.ZipFile(new, 'w')
for obj in old_zip.filelist:
# Basically strip off the leading directory.
new_filename = obj.filename.partition('/')[-1]
if not new_filename:
continue
new_zip.writestr(new_filename, old_zip.read(obj.filename))
new_zip.close()
old_zip.close()
return new_path
def test_invalid_zip_encoding(self):
zip_file = SafeUnzip(self.xpi_path('invalid-cp437-encoding.xpi'))
with pytest.raises(forms.ValidationError) as exc:
zip_file.is_valid()
assert isinstance(exc.value, forms.ValidationError)
assert exc.value.message.endswith(
'Please make sure all filenames are utf-8 or latin1 encoded.')
def get_localepicker(self):
"""
For a file that is part of a language pack, extract
the chrome/localepicker.properties file and return as
a string.
"""
start = time.time()
zip = SafeUnzip(self.file_path)
if not zip.is_valid(fatal=False):
return ''
try:
manifest = zip.extract_path('chrome.manifest')
except KeyError, e:
log.info('No file named: chrome.manifest in file: %s' % self.pk)
return ''
def get_localepicker(self):
"""
For a file that is part of a language pack, extract
the chrome/localepicker.properties file and return as
a string.
"""
start = time.time()
zip = SafeUnzip(self.file_path)
if not zip.is_valid(fatal=False):
return ''
try:
manifest = zip.extract_path('chrome.manifest')
except KeyError, e:
log.info('No file named: chrome.manifest in file: %s' % self.pk)
return ''
def rezip_file(response, pk):
# An .xpi does not have a directory inside the zip, yet zips from github
# do, so we'll need to rezip the file before passing it through to the
# validator.
loc = os.path.join(user_media_path('addons'), 'temp', uuid.uuid4().hex)
old_filename = '{}_github_webhook.zip'.format(pk)
old_path = os.path.join(loc, old_filename)
with storage.open(old_path, 'wb') as old:
old.write(response.content)
new_filename = '{}_github_webhook.xpi'.format(pk)
new_path = os.path.join(loc, new_filename)
old_zip = SafeUnzip(old_path)
if not old_zip.is_valid():
raise
with storage.open(new_path, 'w') as new:
new_zip = zipfile.ZipFile(new, 'w')
for obj in old_zip.filelist:
# Basically strip off the leading directory.
new_filename = obj.filename.partition('/')[-1]
if not new_filename:
continue
new_zip.writestr(new_filename, old_zip.read(obj.filename))
new_zip.close()
old_zip.close()
return new_path
def test_unzip_limit(self):
zip_file = SafeUnzip(self.xpi_path('langpack-localepicker'))
self.assertRaises(forms.ValidationError, zip_file.is_valid)
def test_is_broken(self):
zip_file = SafeUnzip(self.xpi_path('signed'))
zip_file.is_valid()
zip_file.info_list[2].filename = 'META-INF/foo.sf'
assert not zip_file.is_signed()
def test_is_secure(self):
zip_file = SafeUnzip(self.xpi_path('signed'))
zip_file.is_valid()
assert zip_file.is_signed()
def test_not_secure(self):
zip_file = SafeUnzip(self.xpi_path('extension'))
zip_file.is_valid()
assert not zip_file.is_signed()
def test_extract_path(self):
zip_file = SafeUnzip(self.xpi_path('langpack-localepicker'))
assert zip_file.is_valid()
assert 'locale browser de' in zip_file.extract_path('chrome.manifest')
def test_unzip_not_fatal(self):
zip_file = SafeUnzip(self.xpi_path('search.xml'))
assert not zip_file.is_valid(fatal=False)
def test_unzip_fatal(self):
zip_file = SafeUnzip(self.xpi_path('search.xml'))
self.assertRaises(zipfile.BadZipfile, zip_file.is_valid)
def test_unzip_not_fatal(self):
zip_file = SafeUnzip(self.xpi_path('search.xml'))
assert not zip_file.is_valid(fatal=False)
def test_is_broken(self):
zip_file = SafeUnzip(self.xpi_path('signed'))
zip_file.is_valid()
zip_file.info_list[2].filename = 'META-INF/foo.sf'
assert not zip_file.is_signed()
def test_is_secure(self):
zip_file = SafeUnzip(self.xpi_path('signed'))
zip_file.is_valid()
assert zip_file.is_signed()
def test_not_secure(self):
zip_file = SafeUnzip(self.xpi_path('extension'))
zip_file.is_valid()
assert not zip_file.is_signed()
def test_extract_path(self):
zip_file = SafeUnzip(self.xpi_path('langpack-localepicker'))
assert zip_file.is_valid()
assert'locale browser de' in zip_file.extract_path('chrome.manifest')
