Skip to content

MB-017: Missing MIME Type Format Validation #348

New issue
New issue
Open
#628
Open
MB-017: Missing MIME Type Format Validation#348
#628
Assignees
copilot-swe-agentsabarish-juspay
Labels
component:message-builderMessage constructioncopilot-candidateSuitable for GitHub Copilotgood first issueGood for newcomersmodality:multimodalMultimodal generalpriority:lowNice to have
Milestone
Phase 4: Low Priority
@murdore

Description

@murdore
murdore
opened on Dec 1, 2025

Summary

MIME types extracted from data URIs not validated, allowing invalid strings like image/foo to be passed to providers.

Root Cause

Extraction without validation (line 890): mimeType = match[1]; accepts any string.

Impact

  • Invalid MIME types → provider API rejections
  • Difficult debugging
  • No guidance on supported formats
  • Compounds MB-001 issues

Reproduction

Data URI: data:image/invalid-format;base64,abc
Expected: Validation error
Actual: Sent to provider, cryptic error

Fix

Add validation:

const VALID_IMAGE_MIME_TYPES = ['image/jpeg', 'image/png', ...];

function validateImageMimeType(mimeType: string): boolean {
  return VALID_IMAGE_MIME_TYPES.includes(mimeType);
}

// Usage:
mimeType = getValidatedMimeType(match[1], 'image/jpeg');

File: src/lib/utils/messageBuilder.ts
Lines: 886-894

Depends on: MB-001

Acceptance Criteria

  • MIME type validation
  • Fallback to valid type
  • Warning logged
  • List of supported formats

Metadata

Metadata

Assignees

Labels

component:message-builderMessage constructioncopilot-candidateSuitable for GitHub Copilotgood first issueGood for newcomersmodality:multimodalMultimodal generalpriority:lowNice to have

Type

No type

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions