| Index: content/browser/service_worker/service_worker_write_to_cache_job.cc
|
| diff --git a/content/browser/service_worker/service_worker_write_to_cache_job.cc b/content/browser/service_worker/service_worker_write_to_cache_job.cc
|
| index b3e6cadfcb424aea3600d289059509ac2562d4fd..bd60ba0236dade532ea847d61de7f09171973470 100644
|
| --- a/content/browser/service_worker/service_worker_write_to_cache_job.cc
|
| +++ b/content/browser/service_worker/service_worker_write_to_cache_job.cc
|
| @@ -301,6 +301,18 @@ void ServiceWorkerWriteToCacheJob::OnResponseStarted(
|
| // response to our consumer, just don't cache it?
|
| return;
|
| }
|
| + // To prevent most user-uploaded content from being used as a serviceworker.
|
| + if (version_->script_url() == url_) {
|
| + std::string mime_type;
|
| + request->GetMimeType(&mime_type);
|
| + if (mime_type != "application/x-javascript" &&
|
| + mime_type != "text/javascript" &&
|
| + mime_type != "application/javascript") {
|
| + AsyncNotifyDoneHelper(net::URLRequestStatus(
|
| + net::URLRequestStatus::FAILED, net::ERR_FAILED));
|
| + return;
|
| + }
|
| + }
|
| WriteHeadersToCache();
|
| }
|
|
|
|
|
Chromium Code Reviews
Issue 446323002:
ServiceWorker: Prevent worker script with incorrect MIME type to be registered. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master