We are using Gerrit 2.1.5 and I like it a lot. One thing I stumble
across quite often though is downloading files. When viewing a
side-by-side diff there is a “Download” option on each side. When I
click on download, I will get a Zip download.
What I wonder is: Why is this a zip file containing only one file and
not the file itself? This means several unnecessary clicks and is
quite annoying.
Best Regards, Robert
Check out the mimetype config option:
https://review.source.android.com//Documentation/config-gerrit.html#mimetype
Nasser
--
Employee of Qualcomm Innovation Center, Inc.
Qualcomm Innovation Center, Inc. is a member of Code Aurora Forum
It's a security feature. Some browsers like Microsoft Internet
Explorer can ignore the Content-Type header sent by the HTTP server
and examine the file contents to see what it is. There are known ways
to make an image/jpeg file look enough like an HTML page with
JavaScript in it that MSIE will ignore the server's image/jpeg content
type and instead parse the HTML and execute the JavaScript. Since the
file was served by the Gerrit server, MSIE assumes this can run within
the same security context as other JavaScript from the same site, and
will allow it to execute RPCs back to the server. Since anyone can
upload such a file to a server, an evil user could create a trojan
horse "image" that turns around and approves and submits a change via
RPCs... a change that you never would have approved and submitted.
And all he needs to do is get you to visit a web page somewhere that
embeds an <iframe src> tag to point to that download link.
It's twisted and evil. We have MSIE to thank for this. So we ship a
reasonably safe default configuration, which is to bundle the file
inside of a ZIP archive, because most browsers, including MSIE, won't
handle the ZIP archive on their own but instead will pass it along to
safer local tools. We also use a randomized file name within the ZIP
archive to prevent an attacker from being able to predict the name of
the file within the archive and try to use it as a source archive for
a Java applet.
> Check out the mimetype config option:
> https://review.source.android.com//Documentation/config-gerrit.html#mimetype
Right, you can configure Gerrit to permit certain files to be
downloaded not as ZIP files. But our default is to assume everything
is unsafe. Unfortunately we don't validate content as well as we
should. We should run things we assume to be images through a
rescaling algorithm to rescale the image and recompress it, that way
it's less likely that evil content piggybacking in the file will make
it out to the browser. If we do that, we can open the defaults to
make images easier to view in Gerrit, which is probably a great idea
for most projects because they use images for icons, wallpapers, etc.
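The serving policy the reply describes (raw download only for types marked safe, everything else bundled in a ZIP under an unpredictable member name, and a cheap check for HTML-looking bytes in an "image" before serving it raw), written out as an added example that is not Gerrit's own code. The SAFE_TYPES allowlist, the marker regex and the sample payloads are constructed for the example; Gerrit's real mimetype config syntax is not reproduced.

```python
import io
import re
import secrets
import zipfile

# Constructed allowlist standing in for the per-type "safe" setting in
# Gerrit's mimetype config section (assumption: not Gerrit's real syntax).
SAFE_TYPES = {"text/plain", "image/png"}

# Markup a content-sniffing browser may take as evidence of HTML. Only the
# leading bytes are checked because sniffers look at the start of the body.
_HTML_MARKERS = re.compile(
    rb"<\s*(?:!doctype\s+html|html|head|body|script|iframe)\b", re.IGNORECASE
)


def looks_like_html(data: bytes, window: int = 512) -> bool:
    """True if the first `window` bytes contain HTML-looking markup."""
    return _HTML_MARKERS.search(data[:window]) is not None


def wrap_in_zip(data: bytes, suffix: str) -> bytes:
    """Bundle the bytes in a ZIP under a random member name, so the browser
    hands the archive to a local tool and nobody can predict the member path
    (the thread's default behaviour)."""
    member = secrets.token_hex(16) + suffix
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr(member, data)
    return buf.getvalue()


def prepare_download(data: bytes, declared_type: str, suffix: str):
    """Return (content_type, body). Serve raw only when the declared type is
    allowlisted AND the payload does not look like HTML; otherwise ZIP-wrap."""
    if declared_type in SAFE_TYPES and not looks_like_html(data):
        return declared_type, data
    return "application/zip", wrap_in_zip(data, suffix)


def zip_member_names(body: bytes) -> list:
    """Helper for inspecting what a wrapped download contains."""
    with zipfile.ZipFile(io.BytesIO(body)) as zf:
        return zf.namelist()


if __name__ == "__main__":
    # Constructed samples: a plain PNG header, and a "PNG" whose body is HTML.
    png = b"\x89PNG\r\n\x1a\n" + b"\x00" * 64
    trojan = b"\x89PNG\r\n\x1a\n<html><script>"
    print(prepare_download(png, "image/png", ".png")[0])  # image/png
    print(prepare_download(trojan, "image/png", ".png")[0])  # application/zip
```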