Check image filetype in api handlers (#2467)

2025-12-10 15:57:04 +00:00 · 2024-02-12 11:16:20 -08:00
parent 26b13fc33c
commit 1f9078d6ae
2 changed files with 24 additions and 1 deletions
--- a/cmd/interactive.go
+++ b/cmd/interactive.go
@@ -625,7 +625,7 @@ func getImageData(filePath string) ([]byte, error) {
 	}

 	contentType := http.DetectContentType(buf)
-	allowedTypes := []string{"image/jpeg", "image/jpg", "image/svg+xml", "image/png"}
+	allowedTypes := []string{"image/jpeg", "image/jpg", "image/png"}
 	if !slices.Contains(allowedTypes, contentType) {
 		return nil, fmt.Errorf("invalid image type: %s", contentType)
 	}