From 423bd5b84aee7a02b62e4e4d8a83d7df6c0943d9 Mon Sep 17 00:00:00 2001 From: "abarth@chromium.org" Date: Fri, 23 Jan 2009 17:30:50 +0000 Subject: When the server says "nosniff" but then doesn't give us a Content-Type we now treat the response as "text/plain". Before, we treated the response as a download. This behavior is (a) safer and (b) matches what we expect in IE8. R=darin Review URL: http://codereview.chromium.org/18549 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@8559 0039d316-1c4b-4281-b951-d872f2087c98 --- chrome/browser/renderer_host/buffered_resource_handler.cc | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/chrome/browser/renderer_host/buffered_resource_handler.cc b/chrome/browser/renderer_host/buffered_resource_handler.cc index 14f6934..ea7d69d 100644 --- a/chrome/browser/renderer_host/buffered_resource_handler.cc +++ b/chrome/browser/renderer_host/buffered_resource_handler.cc @@ -116,7 +116,8 @@ bool BufferedResourceHandler::DelayResponse() { request_->GetResponseHeaderByName("x-content-type-options", &content_type_options); - const bool sniffing_blocked = (content_type_options == "nosniff"); + const bool sniffing_blocked = + LowerCaseEqualsASCII(content_type_options, "nosniff"); const bool we_would_like_to_sniff = net::ShouldSniffMimeType(request_->url(), mime_type); @@ -131,6 +132,14 @@ bool BufferedResourceHandler::DelayResponse() { return true; } + if (sniffing_blocked && mime_type.empty()) { + // Ugg. The server told us not to sniff the content but didn't give us a + // mime type. What's a browser to do? Turns out, we're supposed to treat + // the response as "text/plain". This is the most secure option. + mime_type.assign("text/plain"); + response_->response_head.mime_type.assign(mime_type); + } + if (ShouldBuffer(request_->url(), mime_type)) { // This is a temporary fix for the fact that webkit expects to have // enough data to decode the doctype in order to select the rendering -- cgit v1.1