Skip to content

fix(file-input): reject unsupported image formats on upload#868

Open
DanMyers300 wants to merge 3 commits intostoatchat:mainfrom
DanMyers300:859
Open

fix(file-input): reject unsupported image formats on upload#868
DanMyers300 wants to merge 3 commits intostoatchat:mainfrom
DanMyers300:859

Conversation

@DanMyers300
Copy link

@DanMyers300 DanMyers300 commented Feb 21, 2026

Summary

Fixes #859

The server banner (and other image file inputs) allowed .avif and other unsupported formats to be selected and submitted, despite the backend rejecting them.

What changed

Form2.FileInput now validates the selected file's MIME type against the list of supported image formats (image/jpeg, image/png, image/gif, image/webp) before accepting it. If an unsupported format is chosen, an error modal is shown and the file is not set on the form control.
This is enforced in the shared Form2.FileInput wrapper, so it covers all image upload inputs across the app (server banners, user profile banners, server icons, channel icons, avatars, and webhook avatars).

Testing

Try uploading an .avif file to the server banner, you should now see an error modal with the message "The file '...' has an unsupported format." and the banner should remain unchanged.

@DanMyers300
fix(file-input): reject unsupported image formats on upload
a71b3c0 
When a user selects an image file whose MIME type is not in the
allowed list (JPEG, PNG, GIF, WebP), the file is now rejected and
an error modal is shown instead of silently accepting it. This
prevents formats like AVIF from being uploaded when the backend
does not support them.

Signed-off-by: Dan <contact@danmyers.net>
@DanMyers300
Copy link
Author

DanMyers300 commented Feb 21, 2026

2026-02-21.15-50-48.mp4

@gabrielfordevelopment
Copy link

gabrielfordevelopment commented Feb 22, 2026

Would be nice if you could give more information to the user, such as a list of the supported formats.
"File format is not supported. Supported formats: JPG, PNG....."
Information is really appreciated by users.

@DanMyers300
Copy link
Author

DanMyers300 commented Feb 22, 2026

Would be nice if you could give more information to the user, such as a list of the supported formats. "File format is not supported. Supported formats: JPG, PNG....." Information is really appreciated by users.

Thanks for the suggestion. I've included a message showing what file types are permitted.

image

@DanMyers300
fix(file-input): include supported formats in unsupported format erro…
93bea49 
…r message

Signed-off-by: Dan <contact@danmyers.net>
@gabrielfordevelopment
Copy link

gabrielfordevelopment commented Feb 22, 2026

Would be nice if you could give more information to the user, such as a list of the supported formats. "File format is not supported. Supported formats: JPG, PNG....." Information is really appreciated by users.

Thanks for the suggestion. I've included a message showing what file types are permitted.

image

In the long term, it might be better to not hardcode any of these.
Put them in a List instead and print out the list.
This way if Stoat will support more files later, it will dynamically extend the supported files List, so you we don't have to manually change the text every time

@DanMyers300
refactor(file-input): derive supported format list from ALLOWED_IMAGE…
3d5821b 
…_TYPE_LABELS array

Signed-off-by: Dan <contact@danmyers.net>
@DanMyers300
Copy link
Author

DanMyers300 commented Feb 22, 2026

In the long term, it might be better to not hardcode any of these.
Put them in a List instead and print out the list.
This way if Stoat will support more files later, it will dynamically extend the supported files List, so you we don't have to manually change the text every time

Good call! I've gone ahead and done exactly that. I added an ALLOWED_IMAGE_TYPE_LABELS array in Draft.ts right next to ALLOWED_IMAGE_TYPES, and the error message now builds the format list dynamically from it. I could programmatically derive the image labels from the image types list but I thought it would be nice to have an image label list as well in the future.

@insertish insertish requested review from a team March 21, 2026 14:28
insertish
insertish reviewed Mar 21, 2026
View reviewed changes
packages/client/components/ui/components/utils/Form2.tsx
Comment on lines +171 to +172
// FileInput resets to null before passing the new file for
// reactivity reasons, so restore the last accepted value
Copy link
Contributor

@insertish insertish Mar 21, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe we can fix the root cause here instead of doing a workaround?

@insertish insertish mentioned this pull request Mar 21, 2026
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@insertish insertish insertish left review comments

At least 2 approving reviews are required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@DanMyers300 @gabrielfordevelopment @insertish