KevinMidboe/linguist
1
0
Fork 0
mirror of https://github.com/KevinMidboe/linguist.git synced 2025-10-29 17:50:22 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add Blob#forbidden?

Browse Source
This commit is contained in:
Joshua Peek
2011-05-21 17:34:52 -05:00
parent b00cbd8446
commit 21ff5e2c1d
1 changed files with 13 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
lib/linguist/blob_helper.rb
View File

@@ -65,6 +65,19 @@ module Linguist
['.xib', '.nib', '.pbxproj'].include?(pathname.extname)
end
# Determine if the blob contains bad content that can be used for various
# cross site attacks. Right now this is limited to flash files -- the flash
# plugin ignores the response content type and treats any URL as flash
# when the <object> tag is specified correctly regardless of file extension.
#
# Returns true when the blob data should not be served with any content-type.
def forbidden?
if data = self.data
data.size >= 8 && # all flash has at least 8 bytes
%w(CWS FWS).include?(data[0,3]) # file type sigs
end
end
def language
if text?
shebang_language || pathname.language