Uncodedtech
diff --git a/‎apps/api/v1/pages/api/users/[userId]/_patch.ts‎
Lines changed: 4 additions & 21 deletions b/‎apps/api/v1/pages/api/users/[userId]/_patch.ts‎
Lines changed: 4 additions & 21 deletions
diff --git a/‎apps/web/app/api/avatar/[uuid]/route.ts‎
Lines changed: 0 additions & 12 deletions b/‎apps/web/app/api/avatar/[uuid]/route.ts‎
Lines changed: 0 additions & 12 deletions
diff --git a/‎apps/web/public/static/locales/en/common.json‎
Lines changed: 0 additions & 8 deletions b/‎apps/web/public/static/locales/en/common.json‎
Lines changed: 0 additions & 8 deletions
diff --git a/‎packages/app-store/_utils/oauth/updateProfilePhotoGoogle.ts‎
Lines changed: 1 addition & 7 deletions b/‎packages/app-store/_utils/oauth/updateProfilePhotoGoogle.ts‎
Lines changed: 1 addition & 7 deletions
diff --git a/‎packages/lib/constants.ts‎
Lines changed: 0 additions & 3 deletions b/‎packages/lib/constants.ts‎
Lines changed: 0 additions & 3 deletions
diff --git a/‎packages/lib/imageValidationConstants.ts‎
Lines changed: 0 additions & 71 deletions b/‎packages/lib/imageValidationConstants.ts‎
Lines changed: 0 additions & 71 deletions
diff --git a/‎packages/lib/server/avatar.ts‎
Lines changed: 0 additions & 11 deletions b/‎packages/lib/server/avatar.ts‎
Lines changed: 0 additions & 11 deletions
@@ -3,8 +3,6 @@ import type { NextApiRequest } from "next";
 import { HttpError } from "@calcom/lib/http-error";
 import { uploadAvatar } from "@calcom/lib/server/avatar";
 import { defaultResponder } from "@calcom/lib/server/defaultResponder";
-import { validateBase64Image } from "@calcom/lib/server/imageValidation";
-import { resizeBase64Image } from "@calcom/lib/server/resizeBase64Image";
 import prisma from "@calcom/prisma";
 import type { Prisma } from "@calcom/prisma/client";
 
@@ -126,25 +124,10 @@ export async function patchHandler(req: NextApiRequest) {
   }
 
   if (avatar) {
-    const validation = validateBase64Image(avatar);
-    if (!validation.isValid) {
-      throw new HttpError({
-        statusCode: 400,
-        message: `Invalid avatar image: ${validation.error}`,
-      });
-    }
-
-    try {
-      body.avatarUrl = await uploadAvatar({
-        userId: query.userId,
-        avatar: await resizeBase64Image(avatar),
-      });
-    } catch (error) {
-      throw new HttpError({
-        statusCode: 400,
-        message: error instanceof Error ? error.message : "Failed to upload avatar",
-      });
-    }
+    body.avatarUrl = await uploadAvatar({
+      userId: query.userId,
+      avatar: await (await import("@calcom/lib/server/resizeBase64Image")).resizeBase64Image(avatar),
+    });
   }
 
   const data = await prisma.user.update({
 
@@ -6,7 +6,6 @@ import { z } from "zod";
 
 import { AVATAR_FALLBACK, WEBAPP_URL } from "@calcom/lib/constants";
 import { convertSvgToPng } from "@calcom/lib/server/imageUtils";
-import { validateBase64Image } from "@calcom/lib/server/imageValidation";
 import prisma from "@calcom/prisma";
 
 const querySchema = z.object({
@@ -47,12 +46,6 @@ async function handler(req: NextRequest, { params }: { params: Promise<Params> }
       },
     });
 
-    const validation = validateBase64Image(data);
-    if (!validation.isValid) {
-      const url = new URL(AVATAR_FALLBACK, WEBAPP_URL).toString();
-      return NextResponse.redirect(url, 302);
-    }
-
     // Convert SVG to PNG if needed and update the database
     if (data.startsWith("data:image/svg+xml;base64,")) {
       const pngData = await convertSvgToPng(data);
@@ -79,11 +72,6 @@ async function handler(req: NextRequest, { params }: { params: Promise<Params> }
       "Content-Type": "image/png",
       "Content-Length": imageResp.length.toString(),
       "Cache-Control": "max-age=86400",
-      // Security headers to prevent XSS
-      "X-Content-Type-Options": "nosniff",
-      "Content-Disposition": "inline",
-      "X-Frame-Options": "DENY",
-      "Content-Security-Policy": "default-src 'none'; img-src 'self'",
     },
     status: 200,
   });
 
@@ -3581,14 +3581,6 @@
   "webhook_metadata": "Metadata",
   "stats": "Stats",
   "booking_status": "Booking status",
-  "unsupported_file_type": "{{type}} files cannot be uploaded as images",
-  "only_image_files_allowed": "Only image files are allowed",
-  "failed_to_validate_image_file": "Failed to validate image file",
-  "invalid_image_file_format": "Invalid image file format",
-  "svg_contains_dangerous_content": "SVG contains potentially dangerous content",
-  "unrecognized_image_format": "Unrecognized image format or invalid file",
-  "invalid_base64_format": "Invalid base64 format",
-  "empty_image_data": "Empty image data",  
   "visit": "Visit",
   "location_custom_label_input_label": "Custom label on booking page",
   "meeting_link": "Meeting link",
 
@@ -3,7 +3,6 @@ import type { OAuth2Client } from "googleapis-common";
 
 import logger from "@calcom/lib/logger";
 import { uploadAvatar } from "@calcom/lib/server/avatar";
-import { validateBase64Image } from "@calcom/lib/server/imageValidation";
 import { UserRepository } from "@calcom/lib/server/repository/user";
 import { resizeBase64Image } from "@calcom/lib/server/resizeBase64Image";
 import prisma from "@calcom/prisma";
@@ -17,17 +16,12 @@ export async function updateProfilePhotoGoogle(oAuth2Client: OAuth2Client, userI
       return;
     }
 
+    // Handle base64 data
     if (
       avatarUrl.startsWith("data:image/png;base64,") ||
       avatarUrl.startsWith("data:image/jpeg;base64,") ||
       avatarUrl.startsWith("data:image/jpg;base64,")
     ) {
-      const validation = validateBase64Image(avatarUrl);
-      if (!validation.isValid) {
-        logger.error(`Invalid avatar image from Google OAuth: ${validation.error}`);
-        return;
-      }
-
       const resizedAvatarUrl = await uploadAvatar({
         avatar: await resizeBase64Image(avatarUrl),
         userId,
 
@@ -68,9 +68,6 @@ export const MAX_EVENT_DURATION_MINUTES = 1440;
 /** Minimum duration allowed for an event in minutes */
 export const MIN_EVENT_DURATION_MINUTES = 1;
 
-/** Maximum file size allowed for banner uploads in bytes (5MB) */
-export const MAX_BANNER_SIZE = 5 * 1024 * 1024;
-
 export const HOSTED_CAL_FEATURES = process.env.NEXT_PUBLIC_HOSTED_CAL_FEATURES || !IS_SELF_HOSTED;
 
 export const PUBLIC_QUERY_RESERVATION_INTERVAL_SECONDS =
 
@@ -3,14 +3,8 @@ import { v4 as uuidv4 } from "uuid";
 import { prisma } from "@calcom/prisma";
 
 import { convertSvgToPng } from "./imageUtils";
-import { validateBase64Image } from "./imageValidation";
 
 export const uploadAvatar = async ({ userId, avatar: data }: { userId: number; avatar: string }) => {
-  const validation = validateBase64Image(data);
-  if (!validation.isValid) {
-    throw new Error(`Invalid image data: ${validation.error}`);
-  }
-
   const objectKey = uuidv4();
   const processedData = await convertSvgToPng(data);
 
@@ -46,11 +40,6 @@ export const uploadLogo = async ({
   logo: string;
   isBanner?: boolean;
 }): Promise<string> => {
-  const validation = validateBase64Image(data);
-  if (!validation.isValid) {
-    throw new Error(`Invalid image data: ${validation.error}`);
-  }
-
   const objectKey = uuidv4();
   const processedData = await convertSvgToPng(data);