trafficlunar/tomodachi-share
1
0
Fork 0
mirror of https://github.com/trafficlunar/tomodachi-share.git synced 2026-06-28 06:34:15 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix: actual mime type checking in submit route

Browse source
This commit is contained in:
trafficlunar 2025-04-20 17:48:56 +01:00
parent 48c99e442f
commit b17478a718
3 changed files with 80 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

7
src/lib/images.ts
View file

@ -1,6 +1,7 @@
// import * as tf from "@tensorflow/tfjs-node";
// import * as nsfwjs from "nsfwjs";
import sharp from "sharp";
import { fileTypeFromBuffer } from "file-type";
const MIN_IMAGE_DIMENSIONS = 128;
const MAX_IMAGE_DIMENSIONS = 1024;
@ -23,12 +24,16 @@ const MAX_IMAGE_SIZE = 1024 * 1024; // 1 MB
export async function validateImage(file: File): Promise<{ valid: boolean; error?: string; status?: number }> {
if (!file || file.size == 0) return { valid: false, error: "Empty image file" };
if (!file.type.startsWith("image/")) return { valid: false, error: "Invalid file type. Only images are allowed" };
if (file.size > MAX_IMAGE_SIZE)
return { valid: false, error: `One or more of your images are too large. Maximum size is ${MAX_IMAGE_SIZE / (1024 * 1024)}MB` };
try {
const buffer = Buffer.from(await file.arrayBuffer());
// Check mime type
const fileType = await fileTypeFromBuffer(buffer);
if (!fileType || !fileType.mime.startsWith("image/")) return { valid: false, error: "Invalid image file type. Only actual images are allowed" };
const metadata = await sharp(buffer).metadata();
// Check image dimensions