@tiledesk/tiledesk-server 2.14.22 → 2.14.24

package/CHANGELOG.md

@@ -5,7 +5,14 @@
 🚀        IN PRODUCTION                        🚀
 (https://www.npmjs.com/package/@tiledesk/tiledesk-server/v/2.3.77) 
 
-# 2.14.22
+# 2.14.24
+- Improved extension management on file uploading to support .wav and .svg
+
+# 2.14.23
+- Updated whatsapp-connector to 1.0.22
+- Added new endpoint for files uploading 
+
+# 2.14.22 - aborted
 - Updated whatsapp-connector to 1.0.20
 - Added new endpoint for files uploading 
 

package/middleware/file-type.js

@@ -4,9 +4,46 @@ const fs = require('fs');
 // List of text-based MIME types that FileType cannot detect (they don't have binary signatures)
 const TEXT_MIME_TYPES = [
   'text/plain',
-  'text/csv'
+  'text/csv',
+  'image/svg+xml',
+  'application/xml',
+  'text/xml'
 ];
 
+/**
+ * Checks if two MIME types are equivalent, accepting common aliases
+ * Examples:
+ * - audio/wav === audio/wave === audio/vnd.wave
+ * - image/jpeg === image/jpg
+ */
+function areMimeTypesEquivalent(mimeType1, mimeType2) {
+  if (!mimeType1 || !mimeType2) return false;
+  if (mimeType1 === mimeType2) return true;
+  
+  // Normalize to lowercase for comparison
+  const m1 = mimeType1.toLowerCase();
+  const m2 = mimeType2.toLowerCase();
+  if (m1 === m2) return true;
+  
+  // Common MIME type aliases
+  const aliases = {
+    'audio/wav': ['audio/wave', 'audio/x-wav', 'audio/vnd.wave'],
+    'audio/wave': ['audio/wav', 'audio/x-wav', 'audio/vnd.wave'],
+    'audio/x-wav': ['audio/wav', 'audio/wave', 'audio/vnd.wave'],
+    'audio/vnd.wave': ['audio/wav', 'audio/wave', 'audio/x-wav'],
+    'image/jpeg': ['image/jpg'],
+    'image/jpg': ['image/jpeg'],
+    'application/x-zip-compressed': ['application/zip'],
+    'application/zip': ['application/x-zip-compressed'],
+  };
+  
+  // Check if m1 is an alias of m2 or vice versa
+  if (aliases[m1] && aliases[m1].includes(m2)) return true;
+  if (aliases[m2] && aliases[m2].includes(m1)) return true;
+  
+  return false;
+}
+
 async function verifyFileContent(buffer, mimetype) {
   if (!buffer) throw new Error("No file provided");
 
@@ -26,6 +63,16 @@ async function verifyFileContent(buffer, mimetype) {
           err.source = "FileContentVerification";
           throw err;
         }
+      } else if (mimetype && mimetype.startsWith('image/svg')) {
+        // Handle SVG files (can be image/svg+xml or variants)
+        try {
+          buffer.toString('utf8');
+          return true;
+        } catch (e) {
+          const err = new Error(`File content is not valid text for mimetype: ${mimetype}`);
+          err.source = "FileContentVerification";
+          throw err;
+        }
       } else {
         // For non-text files, FileType should be able to detect them
         const err = new Error(`File content does not match mimetype. Detected: unknown, provided: ${mimetype}`);
@@ -34,8 +81,8 @@ async function verifyFileContent(buffer, mimetype) {
       }
     }
 
-    // If FileType detected a type, it must match the declared mimetype
-    if (mimetype && fileType.mime !== mimetype) {
+    // If FileType detected a type, it must match the declared mimetype (or be equivalent)
+    if (mimetype && !areMimeTypesEquivalent(fileType.mime, mimetype)) {
         const err = new Error(`File content does not match mimetype. Detected: ${fileType.mime}, provided: ${mimetype}`);
         err.source = "FileContentVerification";
         throw err;

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@tiledesk/tiledesk-server",
   "description": "The Tiledesk server module",
-  "version": "2.14.22",
+  "version": "2.14.24",
   "scripts": {
     "start": "node ./bin/www",
     "pretest": "mongodb-runner start",
@@ -52,7 +52,7 @@
     "@tiledesk/tiledesk-tybot-connector": "^2.0.43",
     "@tiledesk/tiledesk-voice-twilio-connector": "^0.1.28",
     "@tiledesk/tiledesk-vxml-connector": "^0.1.89",
-    "@tiledesk/tiledesk-whatsapp-connector": "1.0.20",
+    "@tiledesk/tiledesk-whatsapp-connector": "1.0.22",
     "@tiledesk/tiledesk-whatsapp-jobworker": "^0.0.13",
     "amqplib": "^0.5.5",
     "app-root-path": "^3.0.0",

package/routes/filesp.js

@@ -83,7 +83,7 @@ const fileFilter = (extensionsSource = 'chat') => {
       }
 
       const expectedMimeType = mime.lookup(ext);
-      if (expectedMimeType && file.mimetype !== expectedMimeType) {
+      if (expectedMimeType && !areMimeTypesEquivalent(file.mimetype, expectedMimeType)) {
         const error = new Error(`File content does not match mimetype. Detected: ${file.mimetype}, provided: ${expectedMimeType}`);
         error.status = 403;
         return cb(error);
@@ -102,6 +102,41 @@ function getMimeTypes(allowed_extension) {
   return allowedMimeTypes;
 }
 
+/**
+ * Checks if two MIME types are equivalent, accepting common aliases
+ * Examples:
+ * - audio/wav === audio/wave
+ * - audio/x-wav === audio/wave
+ * - image/jpeg === image/jpg
+ */
+function areMimeTypesEquivalent(mimeType1, mimeType2) {
+  if (!mimeType1 || !mimeType2) return false;
+  if (mimeType1 === mimeType2) return true;
+  
+  // Normalize to lowercase for comparison
+  const m1 = mimeType1.toLowerCase();
+  const m2 = mimeType2.toLowerCase();
+  if (m1 === m2) return true;
+  
+  // Common MIME type aliases
+  const aliases = {
+    'audio/wav': ['audio/wave', 'audio/x-wav', 'audio/vnd.wave'],
+    'audio/wave': ['audio/wav', 'audio/x-wav', 'audio/vnd.wave'],
+    'audio/x-wav': ['audio/wav', 'audio/wave', 'audio/vnd.wave'],
+    'audio/vnd.wave': ['audio/wav', 'audio/wave', 'audio/x-wav'],
+    'image/jpeg': ['image/jpg'],
+    'image/jpg': ['image/jpeg'],
+    'application/x-zip-compressed': ['application/zip'],
+    'application/zip': ['application/x-zip-compressed'],
+  };
+  
+  // Check if m1 is an alias of m2 or vice versa
+  if (aliases[m1] && aliases[m1].includes(m2)) return true;
+  if (aliases[m2] && aliases[m2].includes(m1)) return true;
+  
+  return false;
+}
+
 const uploadChat = multer({
   storage: fileService.getStorage("files"),
   fileFilter: fileFilter('chat'),