@@ -232,20 +232,25 @@ def fetch_image(self, candidate, extra):
232232 message = u'downloading image' )) as resp :
233233 ct = resp .headers .get ('Content-Type' , None )
234234
235- # Generate a temporary file and guess the extension based on
236- # the Content-Type header. This may be wrong for badly
237- # configured servers. E.g. fanart.tv only allows .jpg uploads
238- # and ALWAYS returns a image/jpeg Content-Type, but other
239- # formats with a erroneous .jp(e)g extension apparently can
240- # sneak through the upload filter. Therefore validate the type
241- # using the file magic.
235+ # Download the image to a temporary file. As some servers
236+ # (notably fanart.tv) have proven to return wrong Content-Types
237+ # when images were uploaded with a bad file extension, do not
238+ # rely on it. Instead validate the type using the file magic
239+ # and only then determine the extension.
242240 data = resp .iter_content (chunk_size = 1024 )
243241 try :
242+ # stream only a small part of the image to get its header
244243 chunk = next (data )
245244 except StopIteration :
246245 pass
247246 else :
248247 real_ct = _image_mime_type (chunk )
248+ if real_ct is None :
249+ # detection by file magic failed, fall back to the
250+ # server-supplied Content-Type
251+ # Is our type detection failsafe enough to drop this?
252+ real_ct = ct
253+
249254 if real_ct not in CONTENT_TYPES :
250255 self ._log .debug (u'not a supported image: {}' ,
251256 real_ct or u'unknown content type' )
@@ -260,7 +265,9 @@ def fetch_image(self, candidate, extra):
260265 ct , real_ct , ext )
261266
262267 with NamedTemporaryFile (suffix = ext , delete = False ) as fh :
268+ # write the first already loaded part of the image
263269 fh .write (chunk )
270+ # download the remaining part of the image
264271 for chunk in data :
265272 fh .write (chunk )
266273 self ._log .debug (u'downloaded art to: {0}' ,
0 commit comments