Add csp and nosniff when serving user uploads

packages/bsky/src/api/blob-resolver.ts

@@ -39,6 +39,8 @@ export const createRouter = (ctx: AppContext): express.Router => {
       // closing chunk) if the bytes don't match the expected cid.
       res.statusCode = 200
       res.setHeader('content-type', verifiedImage.contentType)
+      res.setHeader('x-content-type-options', 'nosniff')
+      res.setHeader('content-security-policy', `default-src 'none'; sandbox`)
       pipeline(verifiedImage.stream, res, (err) => {
         if (err) {
           log.warn(

packages/bsky/tests/blob-resolver.test.ts

@@ -35,11 +35,16 @@ describe('blob resolver', () => {
   })
 
   it('resolves blob with good signature check.', async () => {
-    const { data, status } = await client.get(
+    const { data, status, headers } = await client.get(
       `/blob/${fileDid}/${fileCid.toString()}`,
       { responseType: 'arraybuffer' },
     )
     expect(status).toEqual(200)
+    expect(headers['content-type']).toEqual('image/jpeg')
+    expect(headers['content-security-policy']).toEqual(
+      `default-src 'none'; sandbox`,
+    )
+    expect(headers['x-content-type-options']).toEqual('nosniff')
     await expect(verifyCidForBytes(fileCid, data)).resolves.toBeUndefined()
   })
 

packages/pds/src/api/com/atproto/sync/getBlob.ts

@@ -16,9 +16,11 @@ export default function (server: Server, ctx: AppContext) {
     }
     const cid = CID.parse(params.cid)
     const blobStream = await ctx.blobstore.getStream(cid)
-    res.setHeader('Content-Length', found.size)
-    // @TODO better codegen for */* mimetype
+    res.setHeader('content-length', found.size)
+    res.setHeader('x-content-type-options', 'nosniff')
+    res.setHeader('content-security-policy', `default-src 'none'; sandbox`)
     return {
+      // @TODO better codegen for */* mimetype
       encoding: (found.mimeType || 'application/octet-stream') as '*/*',
       body: blobStream,
     }

packages/pds/tests/file-uploads.test.ts

@@ -135,14 +135,16 @@ describe('file uploads', () => {
   })
 
   it('can fetch the file after being referenced', async () => {
-    const fetchedFile = await aliceAgent.api.com.atproto.sync.getBlob({
+    const { headers, data } = await aliceAgent.api.com.atproto.sync.getBlob({
       did: alice.did,
       cid: smallBlob.ref.toString(),
     })
-    expect(fetchedFile.headers['content-type']).toEqual('image/jpeg')
-    expect(
-      uint8arrays.equals(smallFile, new Uint8Array(fetchedFile.data)),
-    ).toBeTruthy()
+    expect(headers['content-type']).toEqual('image/jpeg')
+    expect(headers['content-security-policy']).toEqual(
+      `default-src 'none'; sandbox`,
+    )
+    expect(headers['x-content-type-options']).toEqual('nosniff')
+    expect(uint8arrays.equals(smallFile, new Uint8Array(data))).toBeTruthy()
   })
 
   it('serves the referenced blob', async () => {