marcel/mealprep
1
0
Fork 0
Code Issues 22 Pull Requests Actions Packages Projects Releases Wiki Activity

feat(recipes): validate image MIME type on file select

Browse Source 
Rejects non-allowlisted types (only JPEG, PNG, GIF, WebP accepted) with
an inline error message. Uses image/bmp as test vector since it passes
accept="image/*" but is not in the allowed set.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Marcel Raddatz
2026-04-10 09:33:39 +02:00
parent ed769b18a4
commit 56e6143fd2
2 changed files with 28 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
frontend/src/lib/recipes/RecipeForm.svelte
View File

@@ -64,6 +64,7 @@
let imageError = $state<string | null>(null);
const MAX_IMAGE_BYTES = 5 * 1024 * 1024;
const ALLOWED_MIME_TYPES = ['image/jpeg', 'image/jpg', 'image/png', 'image/gif', 'image/webp'];
function handleImageChange(e: Event) {
const file = (e.currentTarget as HTMLInputElement).files?.[0];
@@ -73,6 +74,11 @@
(e.currentTarget as HTMLInputElement).value = '';
return;
}
if (!ALLOWED_MIME_TYPES.includes(file.type)) {
imageError = 'Dateityp nicht unterstützt. Erlaubt: JPEG, PNG, GIF, WebP.';
(e.currentTarget as HTMLInputElement).value = '';
return;
}
imageError = null;
const reader = new FileReader();
reader.onload = () => {