Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Asserting validaton rule image fails on image/avif mime type. #49755

Closed
Elycin opened this issue Jan 20, 2024 · 5 comments
Closed

Asserting validaton rule image fails on image/avif mime type. #49755

Elycin opened this issue Jan 20, 2024 · 5 comments
Labels
help wanted

Comments

@Elycin
Copy link

Elycin commented Jan 20, 2024

Laravel Version

10.21.1

PHP Version

8.3.2

Database Driver & Version

MariaDB 10.6

Description

When attempting to upload an image that uses the 'image' validation rule, with a .AVIF filetype, you will encounter a validation error that returns 422 Unprocessable Entity.

Header dump from Google Chrome

Accept: application/json, text/plain, */*
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Content-Length: 23728
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary8UfcKAEXTvAZQhTz

Transplied Curl Request:

curl '<redacted>' \
  -H 'authority: <redacted>' \
  -H 'accept: application/json, text/plain, */*' \
  -H 'accept-language: en-US,en;q=0.9' \
  -H 'content-type: multipart/form-data; boundary=----WebKitFormBoundary8UfcKAEXTvAZQhTz' \
  -H 'dnt: 1' \
  -H 'origin: <redacted>' \
  -H 'referer: <redacted>' \
  -H 'sec-ch-ua: "Not_A Brand";v="8", "Chromium";v="120", "Google Chrome";v="120"' \
  -H 'sec-ch-ua-mobile: ?0' \
  -H 'sec-ch-ua-platform: "macOS"' \
  -H 'sec-fetch-dest: empty' \
  -H 'sec-fetch-mode: cors' \
  -H 'sec-fetch-site: same-origin' \
  -H 'user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36' \
  -H 'x-csrf-token: fDGcV2IiIK7Fc2Rc9PxOQYvicB9csXL1CfM7zpdS' \
  -H 'x-requested-with: XMLHttpRequest' \
  -H 'x-xsrf-token: <redacted> \
  --data-raw $'------WebKitFormBoundary8UfcKAEXTvAZQhTz\r\nContent-Disposition: form-data; name="profile_picture"; filename="e60a91d4-351f-4fa3-b44a-d7898d0e6365.avif"\r\nContent-Type: image/avif\r\n\r\n\r\n------WebKitFormBoundary8UfcKAEXTvAZQhTz\r\n' \
  --compressed

Telescope Payload:

{
    "profile_picture": {
        "name": "e60a91d4-351f-4fa3-b44a-d7898d0e6365.avif",
        "size": "22.817KB"
    }
}

Rules method of Reqeust:

public function rules(): array 
{
    return ['profile_picture' => 'nullable|image'];
}

Telescope Response

{
    "message": "The profile picture must be an image.",
    "errors": {
        "profile_picture": [
            "The profile picture must be an image."
        ]
    }
}

Steps To Reproduce

  1. Create a new Request (php artisan make:request)
  2. Attempt to set validation rule of "image"
  3. Attempt to upload a .avif image.
@hafezdivandari
Copy link
Contributor

Here is the related code:

framework/src/Illuminate/Validation/Concerns/ValidatesAttributes.php

Lines 1313 to 1316 in 443ec44

public function validateImage($attribute, $value)
{
return $this->validateMimes($attribute, $value, ['jpg', 'jpeg', 'png', 'gif', 'bmp', 'svg', 'webp']);
}

You may use mimes validation rule manually instead. Or send a PR to add avif.

@Elycin
Copy link
Author

Elycin commented Jan 20, 2024

@hafezdivandari Thanks for the reply and pointing it out, I'm happy to make the PR.

If possible for the Laravel developers/maintainers, I'd like to open the discussion and inquire why we're using specifically designated MIMEs rather than asserting the condition on the family. It seems like it would make more sense to handle things that way.

@github-actions GitHub Actions
Copy link

Thank you for reporting this issue!

As Laravel is an open source project, we rely on the community to help us diagnose and fix issues as it is not possible to research and fix every issue reported to us via GitHub.

If possible, please make a pull request fixing the issue you have described, along with corresponding tests. All pull requests are promptly reviewed by the Laravel team.

Thank you!

@hafezdivandari
Copy link
Contributor

hafezdivandari commented Jan 22, 2024
edited
Loading

asserting the condition on the family

@Elycin You mean something like this?

- return $this->validateMimes($attribute, $value, ['jpg', 'jpeg', 'png', 'gif', 'bmp', 'svg', 'webp']);
+ return $this->validateMimetypes($attribute, $value, 'image/*');

You should target master branch then, as it would be a breaking change.

why we're using specifically designated MIMEs

Maybe to only accept image file types that are generally supported by web browsers:

https://developer.mozilla.org/en-US/docs/Web/Media/Formats/Image_types

Then we can just add apng and avif to the current list.

@driesvints
Copy link
Member

Right now this type isn't part of the image rule. There's no specific reason. You could attempt a PR to add if if you like.

@madman-81 madman-81 mentioned this issue May 8, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
help wanted
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Add 'avif' and 'apng' to the list of valid image mimes madman-81/framework
4 participants
@crynobone @driesvints @Elycin @hafezdivandari