From 691b2879bddab27fd6c0ee5c9827eb0b0daca6cb Mon Sep 17 00:00:00 2001 From: Nicholas Pike Date: Mon, 23 Sep 2024 05:33:29 -0700 Subject: [PATCH] Fix image content-type validation case sensitivity (#125236) --- homeassistant/components/image/__init__.py | 2 +- tests/components/image/conftest.py | 15 ++++++++++++ tests/components/image/test_init.py | 27 ++++++++++++++++++++++ 3 files changed, 43 insertions(+), 1 deletion(-) diff --git a/homeassistant/components/image/__init__.py b/homeassistant/components/image/__init__.py index 692a398c577..66aab1fde79 100644 --- a/homeassistant/components/image/__init__.py +++ b/homeassistant/components/image/__init__.py @@ -70,7 +70,7 @@ class ImageContentTypeError(HomeAssistantError): def valid_image_content_type(content_type: str | None) -> str: """Validate the assigned content type is one of an image.""" - if content_type is None or content_type.split("/", 1)[0] != "image": + if content_type is None or content_type.split("/", 1)[0].lower() != "image": raise ImageContentTypeError return content_type diff --git a/tests/components/image/conftest.py b/tests/components/image/conftest.py index 8bb5d19b6db..e5e7649bee8 100644 --- a/tests/components/image/conftest.py +++ b/tests/components/image/conftest.py @@ -52,6 +52,21 @@ class MockImageEntityInvalidContentType(image.ImageEntity): return b"Test" +class MockImageEntityCapitalContentType(image.ImageEntity): + """Mock image entity with correct content type, but capitalized.""" + + _attr_name = "Test" + + async def async_added_to_hass(self): + """Set the update time and assign and incorrect content type.""" + self._attr_content_type = "Image/jpeg" + self._attr_image_last_updated = dt_util.utcnow() + + async def async_image(self) -> bytes | None: + """Return bytes of image.""" + return b"Test" + + class MockURLImageEntity(image.ImageEntity): """Mock image entity.""" diff --git a/tests/components/image/test_init.py b/tests/components/image/test_init.py index 717e82a652d..90b750976ce 100644 --- a/tests/components/image/test_init.py +++ b/tests/components/image/test_init.py @@ -18,6 +18,7 @@ from homeassistant.setup import async_setup_component from .conftest import ( MockImageEntity, + MockImageEntityCapitalContentType, MockImageEntityInvalidContentType, MockImageNoStateEntity, MockImagePlatform, @@ -138,6 +139,32 @@ async def test_no_valid_content_type( assert resp.status == HTTPStatus.INTERNAL_SERVER_ERROR +async def test_valid_but_capitalized_content_type( + hass: HomeAssistant, hass_client: ClientSessionGenerator +) -> None: + """Test invalid content type.""" + mock_integration(hass, MockModule(domain="test")) + mock_platform( + hass, "test.image", MockImagePlatform([MockImageEntityCapitalContentType(hass)]) + ) + assert await async_setup_component( + hass, image.DOMAIN, {"image": {"platform": "test"}} + ) + await hass.async_block_till_done() + + client = await hass_client() + + state = hass.states.get("image.test") + access_token = state.attributes["access_token"] + assert state.attributes == { + "access_token": access_token, + "entity_picture": f"/api/image_proxy/image.test?token={access_token}", + "friendly_name": "Test", + } + resp = await client.get(f"/api/image_proxy/image.test?token={access_token}") + assert resp.status == HTTPStatus.OK + + async def test_fetch_image_authenticated( hass: HomeAssistant, hass_client: ClientSessionGenerator, mock_image_platform: None ) -> None: