Skip to content

fix(image-input): enforce image types on upload #8054

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
May 1, 2025
Merged

fix(image-input): enforce image types on upload #8054

merged 3 commits into from
May 1, 2025

Conversation

LoneRifle
Copy link
Contributor

@LoneRifle LoneRifle commented Apr 24, 2025
edited
Loading

  • Include this change in the Release Notes. If checked, you must provide an end-user friendly description for your change below

Ensure that only images are uploaded on the frontend, by filtering on MIME type

@LoneRifle LoneRifle changed the title fix(thumbnail): enforce image types on upload fix(image-input): enforce image types on upload Apr 24, 2025
@LoneRifle LoneRifle force-pushed the fix/thumbnail/enforce-img-type branch from f6e67b1 to f1d6f4b Compare April 24, 2025 05:38
@enyst enyst requested a review from Copilot April 25, 2025 01:19
Copilot
Copilot AI reviewed Apr 25, 2025
View reviewed changes
Copy link

@Copilot Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR enforces that only image files are uploaded by filtering files based on their MIME type before invoking the onUpload callback.

  • Filters out non-image files by checking for MIME type starting with "image/"
  • Updates the file upload handler in the image input component
Comments suppressed due to low confidence (1)

frontend/src/components/features/images/upload-image-input.tsx:11

  • Consider adding tests to verify that the filtering logic correctly excludes non-image files from being uploaded.
const validFiles = Array.from(event.target.files).filter((file) =>

LoneRifle and others added 3 commits April 26, 2025 09:45
@LoneRifle @github-advanced-security
fix(thumbnail): enforce image types on upload
f66d166 
Ensure that only images are uploaded on the frontend
- filter selected files to upload by MIME type
- ensure that only blobs are accepted by thumbnail

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
@LoneRifle
chore(image-input): lint code
91c5590
@LoneRifle
fix(thumbnail): accept all src types
a2e013f
@LoneRifle LoneRifle force-pushed the fix/thumbnail/enforce-img-type branch from f1d6f4b to a2e013f Compare April 26, 2025 01:45
@xingyaoww xingyaoww merged commit 7ae3494 into All-Hands-AI:main May 1, 2025
16 checks passed
@LoneRifle LoneRifle deleted the fix/thumbnail/enforce-img-type branch May 2, 2025 13:43
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

Copilot code review Copilot Copilot left review comments

@rbren rbren rbren approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@LoneRifle @rbren @xingyaoww