feat: enhance media upload and validation process

- Update the media upload endpoint to allow a wider range of file types, including PDFs and audio/video formats.
- Implement stricter validation to block SVG, executable, and JavaScript file types to prevent security vulnerabilities.
- Improve error handling and response messages for unsupported file types and size limits.
- Refactor file preview handling in the ChatWindow component to accommodate non-image files.

Author: Daniel-Robbins

packages/api/src/do/connection-do.ts

@@ -639,16 +639,11 @@ export class ConnectionDO implements DurableObject {
         return null;
       }
 
-      const contentType = response.headers.get("Content-Type") ?? "image/png";
-      // Validate that the response is actually an image
-      if (!contentType.startsWith("image/")) {
-        console.warn(`[DO] cacheExternalMedia: non-image Content-Type "${contentType}", skipping ${url.slice(0, 120)}`);
-        return null;
-      }
+      const contentType = response.headers.get("Content-Type") ?? "application/octet-stream";
 
-      // Reject SVG (can contain scripts — XSS vector)
-      if (contentType.includes("svg")) {
-        console.warn(`[DO] cacheExternalMedia: blocked SVG content from ${url.slice(0, 120)}`);
+      // Reject SVG (can contain scripts — XSS vector) and executable types
+      if (contentType.includes("svg") || contentType.includes("javascript") || contentType.includes("executable")) {
+        console.warn(`[DO] cacheExternalMedia: blocked dangerous Content-Type "${contentType}" from ${url.slice(0, 120)}`);
         return null;
       }
 
@@ -670,14 +665,18 @@ export class ConnectionDO implements DurableObject {
         return null;
       }
 
-      // Determine extension from Content-Type (no SVG)
+      // Determine extension from Content-Type
       const extMap: Record<string, string> = {
         "image/png": "png",
         "image/jpeg": "jpg",
         "image/gif": "gif",
         "image/webp": "webp",
+        "application/pdf": "pdf",
+        "audio/mpeg": "mp3",
+        "audio/wav": "wav",
+        "video/mp4": "mp4",
       };
-      const ext = extMap[contentType] ?? "png";
+      const ext = extMap[contentType] ?? (contentType.startsWith("image/") ? "png" : "bin");
       const key = `media/${userId}/${Date.now()}-${randomUUID().slice(0, 8)}.${ext}`;
 
       // Upload to R2

packages/api/src/routes/channels.ts

@@ -74,10 +74,11 @@ channels.post("/", async (c) => {
     .bind(taskId, id, "Ad Hoc Chat", "adhoc", sessionKey)
     .run();
 
-  // Auto-create a default session
+  // Auto-create a default session (INSERT OR IGNORE to handle duplicate session_key
+  // gracefully — can happen if user re-creates a channel with the same name)
   const sessionId = generateId("ses_");
   await c.env.DB.prepare(
-    "INSERT INTO sessions (id, channel_id, user_id, name, session_key) VALUES (?, ?, ?, ?, ?)",
+    "INSERT OR IGNORE INTO sessions (id, channel_id, user_id, name, session_key) VALUES (?, ?, ?, ?, ?)",
   )
     .bind(sessionId, id, userId, "Session 1", sessionKey)
     .run();

packages/api/src/routes/dev-auth.ts

@@ -1,16 +1,18 @@
 import { Hono } from "hono";
 import type { Env } from "../env.js";
 import { createToken, getJwtSecret } from "../utils/auth.js";
+import { generateId } from "../utils/id.js";
 
 const devAuth = new Hono<{ Bindings: Env }>();
 
 /**
  * POST /api/dev-auth/login — secret-gated dev login for automated testing.
  * Returns 404 when DEV_AUTH_SECRET is not configured (endpoint invisible).
+ * Auto-creates the user record in D1 if it doesn't exist (upsert).
  */
 devAuth.post("/login", async (c) => {
   const devSecret = c.env.DEV_AUTH_SECRET;
-  if (!devSecret) {
+  if (!devSecret || c.env.ENVIRONMENT !== "development") {
     return c.json({ error: "Not found" }, 404);
   }
 
@@ -23,6 +25,20 @@ devAuth.post("/login", async (c) => {
   const jwtSecret = getJwtSecret(c.env);
   const token = await createToken(userId, jwtSecret);
 
+  // Ensure the user exists in D1 (upsert) so foreign key constraints are satisfied.
+  // Dev-auth users get a placeholder email and no password (login only via dev-auth).
+  try {
+    const existing = await c.env.DB.prepare("SELECT id FROM users WHERE id = ?").bind(userId).first();
+    if (!existing) {
+      const email = `${userId}@dev.botschat.test`;
+      await c.env.DB.prepare(
+        "INSERT INTO users (id, email, password_hash, display_name) VALUES (?, ?, '', ?)",
+      ).bind(userId, email, userId).run();
+    }
+  } catch (err) {
+    console.error("[dev-auth] Failed to upsert user:", err);
+  }
+
   return c.json({ token, userId });
 });
 

packages/api/src/routes/upload.ts

@@ -8,50 +8,85 @@ export const upload = new Hono<{
   Variables: { userId: string };
 }>();
 
+/** Allowed non-image MIME types for file attachments. */
+const ALLOWED_FILE_TYPES = new Set([
+  "application/pdf",
+  "text/plain",
+  "text/csv",
+  "text/markdown",
+  "application/json",
+  "application/zip",
+  "application/gzip",
+  "application/x-tar",
+  "audio/mpeg", "audio/wav", "audio/ogg", "audio/mp4", "audio/webm", "audio/aac",
+  "video/mp4", "video/webm", "video/quicktime",
+]);
+
+/** Safe file extensions for each category. */
+const SAFE_EXTENSIONS = new Set([
+  "jpg", "jpeg", "png", "gif", "webp", "bmp", "ico",
+  "pdf", "txt", "csv", "md", "json", "zip", "gz", "tar",
+  "mp3", "wav", "ogg", "m4a", "aac", "webm",
+  "mp4", "mov",
+]);
+
 /** POST / — Upload a file to R2 and return a signed URL. */
 upload.post("/", async (c) => {
-  const userId = c.get("userId");
-  const contentType = c.req.header("Content-Type") ?? "";
+  try {
+    const userId = c.get("userId");
+    const contentType = c.req.header("Content-Type") ?? "";
 
-  if (!contentType.includes("multipart/form-data")) {
-    return c.json({ error: "Expected multipart/form-data" }, 400);
-  }
+    if (!contentType.includes("multipart/form-data")) {
+      return c.json({ error: "Expected multipart/form-data" }, 400);
+    }
 
-  const formData = await c.req.formData();
-  const file = formData.get("file") as File | null;
+    const formData = await c.req.formData();
+    const file = formData.get("file") as File | null;
 
-  if (!file) {
-    return c.json({ error: "No file provided" }, 400);
-  }
+    if (!file) {
+      return c.json({ error: "No file provided" }, 400);
+    }
 
-  // Validate file type — only raster images allowed (SVG is an XSS vector)
-  if (!file.type.startsWith("image/") || file.type.includes("svg")) {
-    return c.json({ error: "Only image files are allowed (SVG is not permitted)" }, 400);
-  }
+    const fileType = file.type || "";
 
-  // Limit file size to 10 MB
-  const MAX_SIZE = 10 * 1024 * 1024;
-  if (file.size > MAX_SIZE) {
-    return c.json({ error: "File too large (max 10 MB)" }, 413);
-  }
+    // Block SVG (XSS vector) and executables
+    if (fileType.includes("svg") || fileType.includes("executable") || fileType.includes("javascript")) {
+      return c.json({ error: "File type not permitted (SVG, executables, scripts are blocked)" }, 400);
+    }
 
-  // Generate a unique key: media/{userId}/{timestamp}-{random}.{ext}
-  const ext = file.name.split(".").pop()?.toLowerCase() ?? "png";
-  // SVG is excluded — it can contain <script> tags and is a known XSS vector
-  const safeExt = ["jpg", "jpeg", "png", "gif", "webp", "bmp", "ico"].includes(ext) ? ext : "png";
-  const filename = `${Date.now()}-${randomUUID().slice(0, 8)}.${safeExt}`;
-  const key = `media/${userId}/${filename}`;
-
-  // Upload to R2
-  await c.env.MEDIA.put(key, file.stream(), {
-    httpMetadata: {
-      contentType: file.type,
-    },
-  });
-
-  // Return a signed URL (1 hour expiry)
-  const secret = getJwtSecret(c.env);
-  const url = await signMediaUrl(userId, filename, secret, 3600);
-
-  return c.json({ url, key });
+    // Allow images (except SVG) and a curated set of other file types
+    const isImage = fileType.startsWith("image/");
+    const isAllowedFile = ALLOWED_FILE_TYPES.has(fileType);
+    if (!isImage && !isAllowedFile) {
+      return c.json({ error: `File type '${fileType}' is not supported` }, 400);
+    }
+
+    // Limit file size to 10 MB
+    const MAX_SIZE = 10 * 1024 * 1024;
+    if (file.size > MAX_SIZE) {
+      return c.json({ error: "File too large (max 10 MB)" }, 413);
+    }
+
+    // Generate a unique key: media/{userId}/{timestamp}-{random}.{ext}
+    const ext = file.name.split(".").pop()?.toLowerCase() ?? "bin";
+    const safeExt = SAFE_EXTENSIONS.has(ext) ? ext : (isImage ? "png" : "bin");
+    const filename = `${Date.now()}-${randomUUID().slice(0, 8)}.${safeExt}`;
+    const key = `media/${userId}/${filename}`;
+
+    // Upload to R2
+    await c.env.MEDIA.put(key, file.stream(), {
+      httpMetadata: {
+        contentType: fileType || "application/octet-stream",
+      },
+    });
+
+    // Return a signed URL (1 hour expiry)
+    const secret = getJwtSecret(c.env);
+    const url = await signMediaUrl(userId, filename, secret, 3600);
+
+    return c.json({ url, key });
+  } catch (err) {
+    console.error("[upload] Error:", err);
+    return c.json({ error: `Upload failed: ${err instanceof Error ? err.message : String(err)}` }, 500);
+  }
 });

packages/web/src/components/ChatWindow.tsx

@@ -265,11 +265,11 @@ export function ChatWindow({ sendMessage }: ChatWindowProps) {
     inputRef.current?.focus();
   }, []);
 
-  // Image upload helpers
+  // File upload helpers
   const handleFileSelect = useCallback((e: React.ChangeEvent<HTMLInputElement>) => {
     const file = e.target.files?.[0];
-    if (!file || !file.type.startsWith("image/")) return;
-    const preview = URL.createObjectURL(file);
+    if (!file) return;
+    const preview = file.type.startsWith("image/") ? URL.createObjectURL(file) : "";
     setPendingImage({ file, preview });
     e.target.value = "";
     inputRef.current?.focus();
@@ -339,8 +339,8 @@ export function ChatWindow({ sendMessage }: ChatWindowProps) {
     e.stopPropagation();
     setDragOver(false);
     const file = e.dataTransfer.files?.[0];
-    if (file && file.type.startsWith("image/")) {
-      const preview = URL.createObjectURL(file);
+    if (file) {
+      const preview = file.type.startsWith("image/") ? URL.createObjectURL(file) : "";
       setPendingImage({ file, preview });
       inputRef.current?.focus();
     }
@@ -733,21 +733,35 @@ export function ChatWindow({ sendMessage }: ChatWindowProps) {
             background: "var(--bg-surface)",
           }}
         >
-          {/* Image preview */}
+          {/* File/image preview */}
           {pendingImage && (
             <div className="px-3 pt-2 flex items-start gap-2">
               <div className="relative">
-                <img
-                  src={pendingImage.preview}
-                  alt="Preview"
-                  className="max-w-[120px] max-h-[80px] rounded-md object-contain"
-                  style={{ border: "1px solid var(--border)" }}
-                />
+                {pendingImage.preview ? (
+                  <img
+                    src={pendingImage.preview}
+                    alt="Preview"
+                    className="max-w-[120px] max-h-[80px] rounded-md object-contain"
+                    style={{ border: "1px solid var(--border)" }}
+                  />
+                ) : (
+                  <div
+                    className="flex items-center gap-1.5 px-3 py-2 rounded-md text-caption"
+                    style={{ border: "1px solid var(--border)", background: "var(--bg-hover)" }}
+                  >
+                    <svg className="w-4 h-4 shrink-0" fill="none" viewBox="0 0 24 24" stroke="currentColor" strokeWidth={1.5} style={{ color: "var(--text-muted)" }}>
+                      <path strokeLinecap="round" strokeLinejoin="round" d="M19.5 14.25v-2.625a3.375 3.375 0 00-3.375-3.375h-1.5A1.125 1.125 0 0113.5 7.125v-1.5a3.375 3.375 0 00-3.375-3.375H8.25m2.25 0H5.625c-.621 0-1.125.504-1.125 1.125v17.25c0 .621.504 1.125 1.125 1.125h12.75c.621 0 1.125-.504 1.125-1.125V11.25a9 9 0 00-9-9z" />
+                    </svg>
+                    <span className="truncate max-w-[100px]" style={{ color: "var(--text-secondary)" }}>
+                      {pendingImage.file.name}
+                    </span>
+                  </div>
+                )}
                 <button
                   onClick={clearPendingImage}
                   className="absolute -top-1.5 -right-1.5 w-5 h-5 rounded-full flex items-center justify-center text-white opacity-80 hover:opacity-100 transition-opacity"
                   style={{ background: "#e74c3c", fontSize: 11 }}
-                  title="Remove image"
+                  title="Remove file"
                 >
                   ✕
                 </button>
@@ -790,7 +804,7 @@ export function ChatWindow({ sendMessage }: ChatWindowProps) {
               <input
                 ref={fileInputRef}
                 type="file"
-                accept="image/*"
+                accept="image/*,application/pdf,.txt,.csv,.md,.json,.zip,.gz,.mp3,.wav,.mp4,.mov"
                 className="hidden"
                 onChange={handleFileSelect}
               />

packages/web/src/e2e.ts

@@ -108,12 +108,13 @@ export const E2eService = {
 
   /**
    * Encrypt text using the current key.
-   * Generates a random messageId (UUID) as contextId/nonce source.
+   * If contextId is provided, uses it as the nonce source (for preserving
+   * existing messageIds). Otherwise generates a random UUID.
    * Returns { ciphertext: base64, messageId: string }
    */
-  async encrypt(text: string): Promise<{ ciphertext: string; messageId: string }> {
+  async encrypt(text: string, contextId?: string): Promise<{ ciphertext: string; messageId: string }> {
     if (!currentKey) throw new Error("E2E key not set");
-    const messageId = crypto.randomUUID();
+    const messageId = contextId || crypto.randomUUID();
     const encrypted = await encryptText(currentKey, text, messageId);
     return { ciphertext: toBase64(encrypted), messageId };
   },

packages/web/src/ws.ts

@@ -171,14 +171,19 @@ export class BotsChatWSClient {
       // E2E Encryption for user messages
       if (msg.type === "user.message" && E2eService.hasKey() && typeof msg.text === "string") {
           try {
-              const { ciphertext, messageId } = await E2eService.encrypt(msg.text);
+              // Use the existing messageId as contextId for encryption nonce,
+              // so decryption on the plugin side uses the same ID.
+              const existingId = (msg.messageId as string) || undefined;
+              const { ciphertext, messageId } = await E2eService.encrypt(msg.text, existingId);
               msg.text = ciphertext;
-              msg.messageId = messageId;
+              // Only set messageId if we didn't have one — preserve the original
+              // so message IDs stay consistent between local state and server.
+              if (!existingId) {
+                msg.messageId = messageId;
+              }
               msg.encrypted = true;
           } catch (err) {
               dlog.error("E2E", "Encryption failed", err);
-              // Fail? or send as plaintext?
-              // Security first: if key exists but encrypt fails, abort.
               return; 
           }
       }

scripts/dev.sh

@@ -54,7 +54,7 @@ do_build_web() {
 do_start() {
   kill_port 8787
   info "Starting wrangler dev on 0.0.0.0:8787…"
-  exec npx wrangler dev --config wrangler.toml --ip 0.0.0.0 --var ENVIRONMENT:development
+  exec npx wrangler dev --config wrangler.toml --ip 0.0.0.0 --var ENVIRONMENT:development --var DEV_AUTH_SECRET:botschat-dev-2026
 }
 
 do_sync_plugin() {