From d53795184cd0ee326b0da58b267e3460f948703c Mon Sep 17 00:00:00 2001
From: syuilo <Syuilotan@yahoo.co.jp>
Date: Sun, 26 Dec 2021 01:43:51 +0900
Subject: enhance(server): better content type detection

---
 packages/backend/src/server/proxy/proxy-media.ts | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'packages/backend/src/server/proxy/proxy-media.ts')

diff --git a/packages/backend/src/server/proxy/proxy-media.ts b/packages/backend/src/server/proxy/proxy-media.ts
index 9e13c0877f..7d6652a97a 100644
--- a/packages/backend/src/server/proxy/proxy-media.ts
+++ b/packages/backend/src/server/proxy/proxy-media.ts
@@ -6,6 +6,7 @@ import { createTemp } from '@/misc/create-temp';
 import { downloadUrl } from '@/misc/download-url';
 import { detectType } from '@/misc/get-file-info';
 import { StatusError } from '@/misc/fetch';
+import { FILE_TYPE_WHITELIST } from '@/const';
 
 export async function proxyMedia(ctx: Koa.Context) {
 	const url = 'url' in ctx.query ? ctx.query.url : 'https://' + ctx.params.url;
@@ -18,7 +19,7 @@ export async function proxyMedia(ctx: Koa.Context) {
 
 		const { mime, ext } = await detectType(path);
 
-		if (!mime.startsWith('image/')) throw 403;
+		if (!FILE_TYPE_WHITELIST.includes(mime)) throw 403;
 
 		let image: IImage;
 
-- 
cgit v1.2.3-freya