download: Remove EPHY_DOWNLOAD_ACTION_AUTO
Let's always take the same action when auto-opening a file as when opening manually, instead of allowing ephy_download_do_download_action() to confusingly invoke itself recursively. At first, I thought it would be good to treat automatic downloads differently, and perform MIME type safety checking on them, but not on downloads opened manually. But I'm not so sure anymore, since it is easy for a server to give the file a deceptive file extension but report an accurate MIME type, which could trick the user into opening a harmful file (e.g. a script) if we were to stop performing MIME type safety checks on manually-opened files. So let's continue to perform that check in both cases. But now that EPHY_DOWNLOAD_ACTION_OPEN browses to the file if opening fails, there's no need to have special behavior for EPHY_DOWNLOAD_ACTION_AUTO anymore. The only difference that currently implies is that we check the safety of the MIME type once for the server's reported MIME type, fall back to browsing to the file if it's unsafe, then sniff the MIME type ourselves, check safety again, and decide to browse to. There's no point in checking the safety of the server's reported type, since we're just going to sniff it ourselves. So just get rid of it. https://bugzilla.gnome.org/show_bug.cgi?id=610586
parent
5a5584f8
Please register or sign in to comment