push of an image that contains foreign layers should not succeed
Our upload logic does not seem to check on the type of the blob that is being uploaded. Foreign layers should be rejected. We should check on the content_type provided in the request.
We should audit manifests too.