fix(gateway): validate Slack image downloads before caching

Slack may return an HTML sign-in/redirect page instead of actual media bytes (e.g. expired token, restricted file access). This adds two layers of defense: 1. Content-Type check in slack.py rejects text/html responses early 2. Magic-byte validation in base.py's cache_image_from_bytes() rejects non-image data regardless of source platform Also adds ValueError guards in wecom.py and email.py so the new validation doesn't crash those adapters. Closes #6829
2026-04-25 00:51:20 +00:00 · 2026-04-10 03:52:46 -07:00 · 2026-04-10 03:52:46 -07:00 · 0b143f2ea3
commit 0b143f2ea3
parent c8e4dcf412
5 changed files with 128 additions and 7 deletions
--- a/gateway/platforms/slack.py
+++ b/gateway/platforms/slack.py
@ -1596,6 +1596,18 @@ class SlackAdapter(BasePlatformAdapter):
                    )
                    response.raise_for_status()

+                    # Slack may return an HTML sign-in/redirect page
+                    # instead of actual media bytes (e.g. expired token,
+                    # restricted file access).  Detect this early so we
+                    # don't cache bogus data and confuse downstream tools.
+                    ct = response.headers.get("content-type", "")
+                    if "text/html" in ct:
+                        raise ValueError(
+                            "Slack returned HTML instead of media "
+                            f"(content-type: {ct}); "
+                            "check bot token scopes and file permissions"
+                        )
+
                    if audio:
                        from gateway.platforms.base import cache_audio_from_bytes
                        return cache_audio_from_bytes(response.content, ext)