Skip to content

fix: use resizable image MIME types in Accept header for external image fetch #5599

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
kyrisu wants to merge 1 commit into
base: main
Choose a base branch
from
Open

fix: use resizable image MIME types in Accept header for external image fetch #5599

kyrisu wants to merge 1 commit into from
+18 −2

Conversation

@kyrisu
Copy link

@kyrisu kyrisu commented Feb 2, 2026

Description

When pasting HTML containing external image URLs (e.g. from Tailwind UI components), the server fetches those images with an Accept header that includes image/avif. Services like Unsplash that support auto=format perform content negotiation based on this header and serve AVIF data. Cloudflare Image Resizing cannot process AVIF as input, resulting in ERROR 9520: Original image has unsupported format.

This PR adds a RESIZABLE_IMAGE_MIME_TYPES whitelist in the SDK containing only formats that Cloudflare Image Resizing supports as input (JPEG, PNG, GIF, WebP, SVG), and uses it in the Accept header when fetching external images during paste.

Direct file uploads are unaffected — users can still upload AVIF files, which are stored as-is.

Reference: https://developers.cloudflare.com/images/transform-images/#supported-input-formats

Steps for reproduction

  1. Open the builder and create or open a project
  2. Copy this HTML to your clipboard: 
    <img src="https://images.unsplash.com/photo-1521737604893-d14cc237f11d?ixlib=rb-4.0.3&ixid=MnwxMjA3fDB8MHxwaG90by1wYWdlfHx8fGVufDB8fHx8&auto=format&fit=crop&crop=focalpoint&fp-y=.8&w=2830&h=1500&q=80&blend=111827&sat=-100&exp=15&blend-mode=screen" alt="" class="absolute inset-0 -z-10 size-full object-cover object-right opacity-10 md:object-center" />
  3. Paste it into the canvas
  4. Before fix: Image fails to load with ERROR 9520: Original image has unsupported format
  5. After fix: Image loads correctly — the server requests JPEG/PNG/GIF/WebP/SVG from Unsplash instead of AVIF

Code Review

  • hi @kof, I need you to do
    • conceptual review (architecture, feature-correctness)
    • detailed review (read every line)
    • test it on preview

Before requesting a review

  • made a self-review
  • added inline comments where things may be not obvious (the "why", not "what")

Before merging

  • tested locally and on preview environment (preview dev login: 0000)
    • Note: full verification requires the hosted environment with Cloudflare Image Resizing (RESIZE_ORIGIN)
  • updated test cases document
  • added tests
  • if any new env variables are added, added them to .env file

@kyrisu
fix: use resizable image MIME types in Accept header for external ima…
7ffa7b4 
…ge fetch

When pasting HTML with external image URLs (e.g. Unsplash with auto=format),
the server fetched images with an Accept header including image/avif.
Services performed content negotiation and served AVIF data, which Cloudflare
Image Resizing cannot process as input, causing ERROR 9520.

Add RESIZABLE_IMAGE_MIME_TYPES whitelist limited to Cloudflare-supported
input formats (JPEG, PNG, GIF, WebP, SVG) and use it in the Accept header.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@kyrisu