Downloading a file of unknown media type can modify the Applications Preferences

NEW
Unassigned

Status

Firefox
File Handling
--
major
6 years ago
11 months ago

People

(Reporter: Vincent Lefevre, Unassigned)

Tracking

(Depends on: 1 bug)

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: DUPEME)

Attachments

(2 attachments)

(Reporter)

Description

6 years ago
User-Agent:       Mozilla/5.0 (X11; Linux x86_64; rv:2.2a1pre) Gecko/20110412 Firefox/4.2a1pre
Build Identifier: Mozilla/5.0 (X11; Linux x86_64; rv:2.2a1pre) Gecko/20110412 Firefox/4.2a1pre

When downloading a file, a content-type (MIME type) can be added to the Applications Preferences. The description will be reused for other files with the same content-type and it may be incorrect, giving wrong information to the user, who doesn't have access to the content-type itself, only the description.

First, having local data modified due to some remote web site is bad as the user may wonder what's going on. It can also be a potential security problem (or at least yield annoying behavior) if the user opens such a file with a wrong application (the file may come from some web site regarded as safe by the user, even under the user's control, but the user will get incorrect information).

Reproducible: Always

Steps to Reproduce:
0. (May be optional) Revert to default settings.
1. Open a file served as "Content-Type: application/binary" with .bz2 extension.
2. Open a file served as "Content-Type: application/binary" with no extension.

Actual Results:
The second file is presented as a "Bzip archive".

Expected Results:  
Firefox should just say that the second file has type application/binary.

This even affects Safe Mode.
(Reporter)

Comment 1

6 years ago
Created attachment 525369 [details]
.bz2 file with application/binary content-type
(Reporter)

Comment 2

6 years ago
Created attachment 525370 [details]
text file with application/binary content-type
(Reporter)

Comment 3

6 years ago
I've added two attachments. After saving the first one

  .bz2 file with application/binary content-type

a line with "Bzip archive" appears in the Applications Preferences. This behavior is wrong because application/binary doesn't necessarily correspond to bzip archives. The consequence of the problem can be seen when opening the second attachment

  text file with application/binary content-type

Basically, what this means is that the correspondence between MIME types and the description provided by Firefox cannot be trusted, even for trusted web sites.

Comment 4

Confirmed on Linux. Theoretically, that should affect Windows and Mac, too.

(In reply to comment #3)
> Basically, what this means is that the correspondence between MIME types and
> the description provided by Firefox cannot be trusted, even for trusted web
> sites.

*unknown* MIME types.
Status: UNCONFIRMED → NEW
Ever confirmed: true
Hardware: x86_64 → All
Component: Preferences → File Handling
Product: Firefox → Core
QA Contact: preferences → file-handling
(Reporter)

Comment 5

6 years ago
FYI, users reported that such additional Applications Preferences data were affecting uploads: https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/84880

Users also wonder where these data came from...

This corresponds to Mozilla bug 556977 (still UNCONFIRMED), probably a duplicate of bug 373621, which may be a consequence of this bug.
Whiteboard: DUPEME

Comment 6

6 years ago
This also happens with application/force-download files, which is very annoying since this pseudo-MIME type is precisely used to avoid defining the real MIME type and force downloading. See bug 698265.

Comment 7

5 years ago
This affects pdf.js a lot (it pretty much breaks it). Should be fixed before pdf.js is on by default in the released version. PDF files with the content-disposition:attachment header are quite common.
(Reporter)

Updated

5 years ago
Summary: Downloading a file can modify the Applications Preferences → Downloading a file of unknown media type can modify the Applications Preferences
(Reporter)

Comment 8

3 years ago
I can't reproduce this bug with:
  Mozilla/5.0 (X11; Linux x86_64; rv:30.0) Gecko/20100101 Firefox/30.0

with the testcase provided here: mimeTypes.rdf no longer gets modified.

Note that for old profiles, one may need to clean up mimeTypes.rdf first.

Updated

2 years ago
Depends on: 503309
Component: File Handling → File Handling
Product: Core → Firefox
Depends on: 332690
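
Comment 8 notes that old profiles may still carry entries in mimeTypes.rdf that were learned this way. The following is an added example, not part of the bug thread or of Firefox's code: a small audit that lists catch-all MIME types (the two named in this bug) that have a stored description or extension. It assumes the RDF/XML layout with `NC:value`, `NC:description` and `NC:fileExtensions` on `RDF:Description` nodes; the sample data is constructed and the function name is hypothetical.

```python
import xml.etree.ElementTree as ET

RDF = "{http://www.w3.org/1999/02/22-rdf-syntax-ns#}"
NC = "{http://home.netscape.com/NC-rdf#}"
# Catch-all types named in this bug; metadata stored for them is unreliable.
GENERIC_TYPES = {"application/binary", "application/force-download"}

# Constructed sample; attribute names follow the assumed mimeTypes.rdf layout.
SAMPLE_RDF = """<?xml version="1.0"?>
<RDF:RDF xmlns:NC="http://home.netscape.com/NC-rdf#"
         xmlns:RDF="http://www.w3.org/1999/02/22-rdf-syntax-ns#">
  <RDF:Description RDF:about="urn:mimetype:application/binary"
                   NC:value="application/binary"
                   NC:fileExtensions="bz2"
                   NC:description="Bzip archive"/>
  <RDF:Description RDF:about="urn:mimetype:application/pdf"
                   NC:value="application/pdf"
                   NC:fileExtensions="pdf"
                   NC:description="PDF document"/>
  <RDF:Description RDF:about="urn:mimetype:application/force-download"
                   NC:value="application/force-download">
    <NC:fileExtensions>zip</NC:fileExtensions>
  </RDF:Description>
</RDF:RDF>
"""

def find_learned_generic_entries(rdf_text, generic_types=GENERIC_TYPES):
    """List (mime, description, extensions) for generic types with learned metadata."""
    findings = []
    for node in ET.fromstring(rdf_text).iter(RDF + "Description"):
        mime = (node.get(NC + "value") or "").strip().lower()
        if mime not in generic_types:
            continue
        description = (node.get(NC + "description") or "").strip()
        # Extensions may be stored as an attribute or as child elements.
        attr = node.get(NC + "fileExtensions")
        extensions = [attr] if attr else []
        extensions += [c.text.strip() for c in node.findall(NC + "fileExtensions") if c.text]
        if description or extensions:
            findings.append((mime, description, extensions))
    return findings

if __name__ == "__main__":
    for mime, description, extensions in find_learned_generic_entries(SAMPLE_RDF):
        print(f"{mime}: description={description!r} extensions={extensions}")
```

To check a real profile, pass the contents of its mimeTypes.rdf to the function in place of the sample string.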