From 51047dc7b369b64355d97667b290ebd4b3539cc1 Mon Sep 17 00:00:00 2001
From: Maksim Sadym
Handle the result of fetching - request as a download.
Handle as a download the result of fetching request.
When a user agent is to handle a resource obtained from a fetch as a download, it - should provide the user with a way to save the resource for later use, if a resource is - successfully obtained. Otherwise, it should report any problems downloading the file to the - user.
+To handle as a download a resource:
+ +Let suggested filename be get suggested filename for + resource.
Provide the user with a way to save the resource for later use. If the user + agent needs a filename, it should use suggested filename. Report any problems + downloading the file to the user.
If the user agent needs a filename for a resource being handled as a download, it - should select one using the following algorithm.
+Return suggested filename.
To get suggested filename for resource:
This algorithm is intended to mitigate security dangers involved in downloading files from untrusted sites, and user agents are strongly urged to follow it.
-If the resource has a `Content-Disposition
`
+
If the resource has a `Content-Disposition
`
header, that header specifies the attachment
disposition type, and the
header includes filename information, then let filename have the value specified by
the header, and jump to the step labeled sanitize below. RFC6266
Let resource origin be the origin of the URL of the
- resource being downloaded, unless that URL's scheme
+ resource, unless that URL's scheme
component is data
, in which case let resource origin be
the same as the interface origin, if any.
If there is no interface origin, then let trusted - operation be true. Otherwise, let trusted operation be true if resource origin is the same origin as interface - origin, and false otherwise.
If there is no interface origin, then let trusted operation be true. + Otherwise, let trusted operation be true if resource origin is the + same origin as interface origin, and false otherwise.
If trusted operation is true and the resource has a ` If trusted operation is true and the resource has a `Content-Disposition
` header and that header includes
filename information, then let filename have the value specified by the header, and
jump to the step labeled sanitize below. RFC6266
If the resource has a `Content-Disposition
`
- header and that header specifies the attachment
disposition type, let
- filename have the value of proposed filename, and jump to the step labeled
- sanitize below. RFC6266
If the resource has a `Content-Disposition
` header and that header specifies
+ the attachment
disposition type, let filename have the value of
+ proposed filename, and jump to the step labeled sanitize below.
+ RFC6266
No proposed filename: If trusted operation is true, or if the user indicated a preference for having the resource in question downloaded, let - filename have a value derived from the URL of the resource in an - implementation-defined manner, and jump to the step labeled sanitize below.
If the algorithm reaches this step, then a download was begun from a different origin than
- the resource being downloaded, and the origin did not mark the file as suitable for
+ the resource, and the origin did not mark the file as suitable for
downloading, and the download was not initiated by the user. This could be because a download
attribute was used to trigger the download, or
- because the resource in question is not of a type that the user agent supports.
This could be dangerous, because, for instance, a hostile server could be trying to get a user to unknowingly download private information and then re-upload it to the hostile server, by tricking the user into thinking the data is from the hostile server.
-Thus, it is in the user's interests that the user be somehow notified that the resource in - question comes from quite a different source, and to prevent confusion, any suggested filename - from the potentially hostile interface origin should be ignored.
+Thus, it is in the user's interests that the user be somehow notified that the + resource comes from quite a different source, and to prevent confusion, any + suggested filename from the potentially hostile interface origin should be + ignored.
Let claimed type be the type given by the resource's Let claimed type be the type given by the resource's Content-Type metadata, if any is known. Let named
type be the type given by filename's extension, if any is known. For the purposes of this step, a
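Review bot: "To get suggested filename for resource" declares only resource as its input, but its steps read interface origin ("If there is no interface origin, then let trusted operation be true"), proposed filename, and whether the user indicated a preference for downloading, none of which is passed in or defined in the lines shown. Now that this is a named algorithm invoked from handle as a download, either add these as parameters and thread them through from the caller, or define each one at the top of the algorithm. The trusted operation decision is what stops a filename suggested by a potentially hostile interface origin from being used, so its inputs should not be left implicit.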
@@ -25885,9 +25895,10 @@ document.body.appendChild(wbr);
filename as the filename.
If claimed type and named type are the same type (i.e., the type - given by the resource's Content-Type metadata is consistent - with the type given by filename's extension), - then return filename as the filename.
If the claimed type is known, then alter filename to
@@ -25913,9 +25924,9 @@ document.body.appendChild(wbr);
following the last dot (".
") in the filename to determine the type of the
file, and from that the manner in which the file is to be opened or executed.
User agents should ignore any directory or path information provided by the resource itself,
- its URL, and any download
attribute, in
- deciding where to store the resulting file in the user's file system.
User agents should ignore any directory or path information provided by the resource
+ itself, its URL, and any download
+ attribute, in deciding where to store the resulting file in the user's file system.
Handle navigationParams's response as a download.
Let suggested filename be the result of handle as a download + navigationParams's response.
Invoke WebDriver BiDi download started with navigable and a
new WebDriver BiDi navigation status whose id is navigationId, status is "complete
", and complete", url is navigationParams's response's URL.
Otherwise, the document's type is such that the resource will not affect navigationParams's navigable, e.g., because the resource is to be handed to an external application or because it is an unknown type - that will be processed as a download. Hand-off to external software + that will be processed by handle as a download. Hand-off to external software given navigationParams's response, navigationParams's navigable, navigationParams's final sandboxing flag
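Review bot: "Let suggested filename be the result of handle as a download navigationParams's response" binds a value that no later step in the lines shown reads; the WebDriver BiDi download started invocation that follows is given navigable and the navigation status only. Either pass suggested filename on to that invocation or keep the plain call without the binding. It would also help to state in handle as a download what is returned when saving fails: the new second step folds the old "if a resource is successfully obtained ... Otherwise" wording into a single step, and "Return suggested filename" then runs unconditionally.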