Skip to content

WTEL-9538: Fix MIME-type mismatch #183

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
vlad-marusyk-wt merged 2 commits into from
Jun 25, 2026
+49 −4
Merged

WTEL-9538: Fix MIME-type mismatch #183

Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
93f0862
WTEL-9538: Fix MIME-type mismatch
May 26, 2026
fce19dd
normalize client MIME hint and fail fast on unknown type
Jun 10, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
53 changes: 49 additions & 4 deletions grpc_api/file.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,12 +1,17 @@
package grpc_api

import (
"bytes"
"context"
"errors"
"fmt"
"io"
"mime"
"net/http"
"net/url"
"strings"

"github.com/h2non/filetype"

"github.com/webitel/storage/app"

Expand Down Expand Up @@ -340,7 +345,6 @@ func (api *file) UploadFileUrl(ctx context.Context, in *storage.UploadFileUrlReq
fileRequest.DomainId = in.GetDomainId()
fileRequest.Name = model.NewId() + "_" + in.GetName()
fileRequest.ViewName = model.NewString(in.GetName())
fileRequest.MimeType = res.Header.Get("Content-Type")
fileRequest.Uuid = in.GetUuid()
fileRequest.Size = res.ContentLength
fileRequest.Channel = model.NewString(channelType(in.Channel))
Expand All @@ -350,11 +354,13 @@ func (api *file) UploadFileUrl(ctx context.Context, in *storage.UploadFileUrlReq
fileRequest.Uuid = model.NewId() // bad request ?
}

if fileRequest.MimeType == "application/octet-stream" && in.Mime != "" {
fileRequest.MimeType = in.Mime
body, mimeType, mimeErr := resolveUrlUploadMime(res, in.Mime)
if mimeErr != nil {
return nil, mimeErr
}
fileRequest.MimeType = mimeType

if err = api.ctrl.UploadFileStream(res.Body, &fileRequest); err != nil {
if err = api.ctrl.UploadFileStream(body, &fileRequest); err != nil {
return nil, err
}

Expand All @@ -379,6 +385,45 @@ func (api *file) UploadFileUrl(ctx context.Context, in *storage.UploadFileUrlReq
return result, nil
}

// Remote Content-Type is unreliable (e.g. S3 returns "image" instead of "image/jpeg"),
// so on invalid header we sniff the actual bytes and only trust clientHint as a last resort.
func resolveUrlUploadMime(res *http.Response, clientHint string) (io.ReadCloser, string, model.AppError) {
if clientHint != "" {
if parsedHint, _, err := mime.ParseMediaType(clientHint); err == nil {
clientHint = parsedHint
} else {
clientHint = ""
}
}

parsed, _, parseErr := mime.ParseMediaType(res.Header.Get("Content-Type"))
if parseErr == nil && strings.Contains(parsed, "/") && parsed != "application/octet-stream" {
return res.Body, parsed, nil
}

head := make([]byte, 512)
n, readErr := io.ReadFull(res.Body, head)
if readErr != nil && readErr != io.EOF && readErr != io.ErrUnexpectedEOF {
return nil, "", model.NewInternalError("grpc.upload_file_url.read_head", readErr.Error())
}
head = head[:n]
body := io.NopCloser(io.MultiReader(bytes.NewReader(head), res.Body))

kind, _ := filetype.Match(head)
switch {
case kind != filetype.Unknown:
detected := kind.MIME.Value
if clientHint != "" && clientHint != detected {
return nil, "", model.PolicyErrorExtSuspicious
}
return body, detected, nil
case clientHint != "":
return body, clientHint, nil
default:
return nil, "", model.PolicyErrorExtUnknown
}
}
Comment on lines +390 to +425

@kirychukyurii kirychukyurii Jun 9, 2026

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

загалом, схожа перевірка вже є нижче по флоу, в PolicyReader.testMimeType (виконується
коли файл уже стрімиться у сторадж):

storage/app/file_policy.go

Line 286 in f7e601f

func (r *PolicyReader) testMimeType(bytes []byte) error {

там матч робиться через strings.HasPrefix(declared, detected), тож, наприклад,
declared=image/jpeg; charset=binary + detected=image/jpeg пройде. тут порівняння через точну рівність, тобто той самий кейс впаде з PolicyErrorExtSuspicious.

думаю, варто вирівняти логіку і нормалізувати clientHint через
https://pkg.go.dev/mime#ParseMediaType (зріже параметри + lowercase)

@vlad-marusyk-wt vlad-marusyk-wt Jun 10, 2026

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Готово.


func (api *file) DeleteFiles(ctx context.Context, in *storage.DeleteFilesRequest) (*storage.DeleteFilesResponse, error) {
session, err := api.ctrl.GetSessionFromCtx(ctx)
if err != nil {
Expand Down
Loading