def test_webextension_crx_version_cant_unpack(self):
file_ = SimpleUploadedFile(
'foo.crx', b'Cr24\x02\x00\x00\x00&\x00\x00\x00\x01\x00\x00')
with self.assertRaises(utils.InvalidOrUnsupportedCrx) as exc:
utils.write_crx_as_xpi(file_, self.target)
assert str(exc.exception) == 'Invalid or corrupt CRX file'
# It's the caller responsability to move the original file there, as if
# it was a regular zip, since we couldn't convert it.
assert not storage.exists(self.target)
def add_file(self, chunks, filename, size):
if not self.uuid:
self.uuid = self._meta.get_field('uuid')._create_uuid()
filename = force_text(u'{0}_{1}'.format(self.uuid.hex, filename))
loc = os.path.join(user_media_path('addons'), 'temp', uuid.uuid4().hex)
base, ext = os.path.splitext(filename)
is_crx = False
# Change a ZIP to an XPI, to maintain backward compatibility
# with older versions of Firefox and to keep the rest of the XPI code
# path as consistent as possible for ZIP uploads.
# See: https://github.com/mozilla/addons-server/pull/2785
if ext == '.zip':
ext = '.xpi'
# If the extension is a CRX, we need to do some actual work to it
# before we just convert it to an XPI. We strip the header from the
# CRX, then it's good; see more about the CRX file format here:
# https://developer.chrome.com/extensions/crx
if ext == '.crx':
ext = '.xpi'
is_crx = True
if ext in amo.VALID_ADDON_FILE_EXTENSIONS:
loc += ext
log.info('UPLOAD: %r (%s bytes) to %r' % (filename, size, loc),
extra={
'email':
(self.user.email if self.user and self.user.email else '')
})
if is_crx:
hash_func = write_crx_as_xpi(chunks, loc)
else:
hash_func = hashlib.sha256()
with storage.open(loc, 'wb') as file_destination:
for chunk in chunks:
hash_func.update(chunk)
file_destination.write(chunk)
self.path = loc
self.name = filename
self.hash = 'sha256:%s' % hash_func.hexdigest()
self.save()
def add_file(self, chunks, filename, size):
if not self.uuid:
self.uuid = self._meta.get_field('uuid')._create_uuid()
_base, ext = os.path.splitext(filename)
was_crx = ext == '.crx'
# Filename we'll expose (but not use for storage).
self.name = force_str('{0}_{1}'.format(self.uuid.hex, filename))
# Final path on our filesystem. If it had a valid extension we change
# it to .xpi (CRX files are converted before validation, so they will
# be treated as normal .xpi for validation). If somehow this is
# not a valid archive or the extension is invalid parse_addon() will
# eventually complain at validation time or before even reaching the
# linter.
if ext in amo.VALID_ADDON_FILE_EXTENSIONS:
ext = '.xpi'
self.path = os.path.join(user_media_path('addons'), 'temp',
'{0}{1}'.format(uuid.uuid4().hex, ext))
hash_obj = None
if was_crx:
try:
hash_obj = write_crx_as_xpi(chunks, self.path)
except InvalidOrUnsupportedCrx:
# We couldn't convert the crx file. Write it to the filesystem
# normally, the validation process should reject this with a
# proper error later.
pass
if hash_obj is None:
hash_obj = self.write_data_to_path(chunks)
self.hash = 'sha256:%s' % hash_obj.hexdigest()
# The following log statement is used by foxsec-pipeline.
log.info(
'UPLOAD: %r (%s bytes) to %r' % (self.name, size, self.path),
extra={
'email':
(self.user.email if self.user and self.user.email else ''),
'upload_hash': self.hash,
},
)
self.save()
def add_file(self, chunks, filename, size):
if not self.uuid:
self.uuid = self._meta.get_field('uuid')._create_uuid()
filename = force_bytes(u'{0}_{1}'.format(self.uuid.hex, filename))
loc = os.path.join(user_media_path('addons'), 'temp', uuid.uuid4().hex)
base, ext = os.path.splitext(force_bytes(filename))
is_crx = False
# Change a ZIP to an XPI, to maintain backward compatibility
# with older versions of Firefox and to keep the rest of the XPI code
# path as consistent as possible for ZIP uploads.
# See: https://github.com/mozilla/addons-server/pull/2785
if ext == '.zip':
ext = '.xpi'
# If the extension is a CRX, we need to do some actual work to it
# before we just convert it to an XPI. We strip the header from the
# CRX, then it's good; see more about the CRX file format here:
# https://developer.chrome.com/extensions/crx
if ext == '.crx':
ext = '.xpi'
is_crx = True
if ext in EXTENSIONS:
loc += ext
log.info('UPLOAD: %r (%s bytes) to %r' % (filename, size, loc))
if is_crx:
hash = write_crx_as_xpi(chunks, storage, loc)
else:
hash = hashlib.sha256()
with storage.open(loc, 'wb') as file_destination:
for chunk in chunks:
hash.update(chunk)
file_destination.write(chunk)
self.path = loc
self.name = filename
self.hash = 'sha256:%s' % hash.hexdigest()
self.save()
def test_webextension_crx_version_3(self):
path = os.path.join(self.prefix, 'webextension_crx3.crx')
with open(path, 'rb') as source:
utils.write_crx_as_xpi(source, self.target)
assert zipfile.is_zipfile(self.target)
