Skip to content

fix(recraft): F4 url re-host on upscale/vectorize + broaden svg sniff (review M1/L7)#117

Merged
vinsonconsulting merged 1 commit into
mainfrom
fix/review-batch-c1-recraft
Jun 29, 2026
Merged

fix(recraft): F4 url re-host on upscale/vectorize + broaden svg sniff (review M1/L7)#117
vinsonconsulting merged 1 commit into
mainfrom
fix/review-batch-c1-recraft

Conversation

@vinsonconsulting

Copy link
Copy Markdown
Owner

Batch C1 of the review fixes — completes the F4 anti-CDN-leak contract.

M1 (Medium, 3/3) — transform-path url-only fallback

The F4 fallback (re-fetch a url-only Recraft result through the SSRF guard so the transient ~24h CDN url never reaches the client) was only on the generate path. requestImageTransform (upscale/vectorize) requested b64_json but had no fallback, so a style/endpoint that ignored response_format and returned a hosted url leaked it — defeating the signed-capability-URL contract for 2 of the 4 image tools. Factored into a shared rehostIfUrlOnly() applied to both paths; the transform passes its b64MimeType (png for upscale, image/svg+xml for vectorize) as the sniff fallback so a re-fetched SVG stays correctly stamped.

L7 (Low, 2/3) — svg sniff misses comment/DOCTYPE preamble

looksLikeSvg only matched a leading <?xml/<svg, so an SVG opening with a comment or DOCTYPE was mis-sniffed as image/png on the generate-path b64 case. Now scans a 512-byte prefix for an <svg tag anywhere.

Tests

upscale + vectorize re-fetch a url-only result (no CDN url leaks, svg mime preserved); a comment/DOCTYPE-led SVG sniffs as image/svg+xml. Suite 692 → 695. Typecheck + lint clean.

🤖 Generated with Claude Code

…aden svg sniff (review M1/L7)

M1: the F4 anti-CDN-leak fallback (re-fetch a url-only Recraft result through
the SSRF guard so the transient ~24h CDN url never reaches the client) was only
on the generate path. requestImageTransform (upscale/vectorize) requested
b64_json but had no fallback, so a style/endpoint that ignored response_format
and returned a hosted url leaked it — defeating the signed-capability-URL
contract for two of the four image tools. Factored the fallback into a shared
rehostIfUrlOnly() and applied it to both paths; the transform passes its
b64MimeType (png for upscale, image/svg+xml for vectorize) as the sniff fallback
so a re-fetched SVG stays correctly stamped.

L7: looksLikeSvg only matched a leading <?xml/<svg, so an SVG that opens with a
comment or DOCTYPE before the root was mis-sniffed as image/png on the
generate-path b64 case. It now scans a 512-byte prefix for an <svg tag anywhere,
recognizing comment/DOCTYPE/xml-decl preambles.

Tests: upscale + vectorize re-fetch a url-only result (no CDN url leaks, svg
mime preserved); a comment/DOCTYPE-led SVG sniffs as image/svg+xml. Suite
692 -> 695.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Signed-off-by: Jim Vinson <jim@vinson.org>
@vinsonconsulting vinsonconsulting merged commit a6c55b5 into main Jun 29, 2026
2 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant