The type check for SVG images is insufficient and self-admittedly ad-hoc:
serenity/Userland/Libraries/LibWeb/HTML/SharedImageRequest.cpp, lines 131 to 134 in 1a29ff6
For example, the following image ends with .svg but was presumably re-encoded to WebP by Cloudflare Image Optimization: https://res.cloudinary.com/tripactions/image/upload/f_auto/q_auto/v1691083932/site/customer-logo/logo_ZM_wordmark_bloom-RGB.svg
This causes a crash here as we're scanning a WebP image as though it's HTML with valid UTF-8 attributes:
serenity/Userland/Libraries/LibWeb/HTML/Parser/HTMLEncodingDetection.cpp, lines 152 to 153 in 1a29ff6
VERIFICATION FAILED: !_temporary_result.is_error() at /home/lukew/Desktop/serenity-project/serenity/Userland/Libraries/LibWeb/HTML/Parser/HTMLEncodingDetection.cpp:153
/home/lukew/Desktop/serenity-project/serenity/Build/lagom/lib/liblagom-core.so.0(ak_verification_failed+0x96) [0x7f373d4eb276]
/home/lukew/Desktop/serenity-project/serenity/Build/lagom/lib/liblagom-web.so.0(+0x67ac0e) [0x7f373ca7ac0e]
/home/lukew/Desktop/serenity-project/serenity/Build/lagom/lib/liblagom-web.so.0 Web::HTML::run_prescan_byte_stream_algorithm(Web::DOM::Document&, AK::Detail::ByteBuffer<32ul> const&) 0x82e) [0x7f373ca7b43e]
/home/lukew/Desktop/serenity-project/serenity/Build/lagom/lib/liblagom-web.so.0 Web::HTML::run_encoding_sniffing_algorithm(Web::DOM::Document&, AK::Detail::ByteBuffer<32ul> const&) 0x8c) [0x7f373ca7b6ec]
/home/lukew/Desktop/serenity-project/serenity/Build/lagom/lib/liblagom-web.so.0 Web::HTML::HTMLParser::create_with_uncertain_encoding(Web::DOM::Document&, AK::Detail::ByteBuffer<32ul> const&) 0x91) [0x7f373ca98671]
/home/lukew/Desktop/serenity-project/serenity/Build/lagom/lib/liblagom-web.so.0 Web::SVG::SVGDecodedImageData::create(Web::Page&, AK::URL const&, AK::Detail::ByteBuffer<32ul>) 0x553) [0x7f373cbef833]
/home/lukew/Desktop/serenity-project/serenity/Build/lagom/lib/liblagom-web.so.0 Web::HTML::SharedImageRequest::handle_successful_fetch(AK::URL const&, AK::StringView, AK::Detail::ByteBuffer<32ul>) 0x1cf) [0x7f373cac708f]
It seems we need to implement this part of the spec:
The user agent should apply the image sniffing rules to determine the type of the image, with the image's associated Content-Type headers giving the official type. If these rules are not applied, then the type of the image must be the type given by the image's associated Content-Type headers.
https://html.spec.whatwg.org/#images-processing-model:content-type-sniffing:-image
https://mimesniff.spec.whatwg.org/#rules-for-sniffing-images-specifically
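A sketch of the image sniffing rules linked above, added here as an illustration and not taken from the issue or from SerenityOS: it is written against the C++ standard library rather than AK, and the names `ImagePattern`, `image_patterns`, `matches`, `is_xml_mime_type` and `sniff_image_type` are hypothetical. The decoder choice depends only on the Content-Type essence and the leading bytes of the body, never on the URL's file extension.

```cpp
#include <cstdint>
#include <string>
#include <string_view>
#include <vector>

// One row of the image type pattern table; an empty mask means "compare every byte".
struct ImagePattern {
    std::vector<uint8_t> pattern, mask;
    const char* mime_type;
};

static const std::vector<ImagePattern> image_patterns = {
    { { 0x00, 0x00, 0x01, 0x00 }, {}, "image/x-icon" },
    { { 0x00, 0x00, 0x02, 0x00 }, {}, "image/x-icon" },
    { { 'B', 'M' }, {}, "image/bmp" },
    { { 'G', 'I', 'F', '8', '7', 'a' }, {}, "image/gif" },
    { { 'G', 'I', 'F', '8', '9', 'a' }, {}, "image/gif" },
    // "RIFF", four wildcard size bytes, then "WEBPVP".
    { { 'R', 'I', 'F', 'F', 0, 0, 0, 0, 'W', 'E', 'B', 'P', 'V', 'P' },
      { 0xFF, 0xFF, 0xFF, 0xFF, 0, 0, 0, 0, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }, "image/webp" },
    { { 0x89, 'P', 'N', 'G', 0x0D, 0x0A, 0x1A, 0x0A }, {}, "image/png" },
    { { 0xFF, 0xD8, 0xFF }, {}, "image/jpeg" },
};

static bool matches(std::string_view header, ImagePattern const& p)
{
    if (header.size() < p.pattern.size())
        return false; // truncated body: no match, and no read past the end
    for (size_t i = 0; i < p.pattern.size(); ++i) {
        uint8_t mask = p.mask.empty() ? 0xFF : p.mask[i];
        if ((static_cast<uint8_t>(header[i]) & mask) != p.pattern[i])
            return false;
    }
    return true;
}

static bool is_xml_mime_type(std::string_view essence)
{
    return essence == "text/xml" || essence == "application/xml"
        || (essence.size() >= 4 && essence.substr(essence.size() - 4) == "+xml");
}

// Returns the computed MIME type for an image response body.
std::string sniff_image_type(std::string_view supplied_essence, std::string_view header)
{
    if (is_xml_mime_type(supplied_essence))
        return std::string(supplied_essence); // XML types (e.g. SVG) are never overridden
    for (auto const& p : image_patterns)
        if (matches(header, p))
            return p.mime_type;
    return std::string(supplied_essence);
}
```

Because an XML Content-Type is kept as-is, a body served as image/svg+xml that is not actually XML still reaches the SVG path, so that path has to reject undecodable bytes with an error rather than an assertion.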