In content_hash_fetcher.cc, we fetch verified_contents.json from network if the file on disk was missing/corrupt. However, if the fetch fails, e.g. got a 404 page response, content_hash_fetcher.cc will write that response to disk before checking if it was a valid looking verified_contents first.
This is not the end of the world as we will later read the file, JSON parse it, and the outcome will be failure anyway. But it definitely seems a bit odd where the failure could have been identified earlier and with less cost (i.e. less file read + json parse).
I noticed this while writing a test, filing to track the issue.
Comment 1 by bugdroid1@chromium.org
, Mar 3 2018