nhyatt/bitwarden
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-05-27 22:34:54 -05:00
Code

try to find format of any non-allowed type

Browse Source
This commit is contained in:
Kyle Spearrin 2018-05-25 14:19:40 -04:00
parent 6d3ad7d9e4
commit 68125d2c9b
1 changed files with 2 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
src/Icons/Services/IconFetchingService.cs
View File

@ -26,15 +26,11 @@ namespace Bit.Icons.Services
private static byte[] _icoHeader = new byte[] { 00, 00, 01, 00 };
private static string _jpegMediaType = "image/jpeg";
private static byte[] _jpegHeader = new byte[] { 255, 216, 255 };
private static string _octetMediaType = "application/octet-stream";
private static string _textMediaType = "text/plain";
private static readonly HashSet<string> _allowedMediaTypes = new HashSet<string>{
_pngMediaType,
_icoMediaType,
_icoAltMediaType,
_jpegMediaType,
_octetMediaType,
_textMediaType
_jpegMediaType
};
public IconFetchingService()
@ -185,13 +181,8 @@ namespace Bit.Icons.Services
}
var format = response.Content.Headers?.ContentType?.MediaType;
if(format == null || !_allowedMediaTypes.Contains(format))
{
return null;
}
var bytes = await response.Content.ReadAsByteArrayAsync();
if(format == _octetMediaType || format == _textMediaType)
if(format == null || !_allowedMediaTypes.Contains(format))
{
if(HeaderMatch(bytes, _icoHeader))
{