lib/request: validate response content-type 🐛

lib/request.js

@@ -14,6 +14,7 @@ const captureStackTrace = DEV ? require('capture-stack-trace') : () => {}
 const {stringify} = require('qs')
 const Promise = require('pinkie-promise')
 const {fetch} = require('fetch-ponyfill')({Promise})
+const {parse: parseContentType} = require('content-type')
 const {addErrorInfo} = require('./errors')
 
 const proxyAddress = process.env.HTTPS_PROXY || process.env.HTTP_PROXY || null
@@ -118,6 +119,16 @@ const request = (ctx, userAgent, reqData) => {
 			err.message = res.statusText
 			throw err
 		}
+
+		let cType = res.headers.get('content-type')
+		if (cType) {
+			const {type} = parseContentType(cType)
+			if (type !== 'application/json') {
+				const err = new Error('invalid response content-type: ' + cType)
+				err.response = res
+				throw err
+			}
+		}
 		return res.json()
 	})
 	.then((b) => {

package.json

@@ -42,6 +42,7 @@
 		"@derhuerst/br2nl": "^1.0.0",
 		"@derhuerst/round-robin-scheduler": "^1.0.4",
 		"capture-stack-trace": "^1.0.0",
+		"content-type": "^1.0.4",
 		"create-hash": "^1.2.0",
 		"fetch-ponyfill": "^7.0.0",
 		"google-polyline": "^1.0.3",