Fetch authenticated media through the session for "Save image as"#33997
Open
hayaksi1 wants to merge 1 commit into
Open
Fetch authenticated media through the session for "Save image as"#33997hayaksi1 wants to merge 1 commit into
hayaksi1 wants to merge 1 commit into
Conversation
The desktop "Save image as" context-menu item fetched http(s) images with the main-process global fetch(), which bypasses the session's webRequest interceptors — including the authenticated-media handlers in media-auth.ts that rewrite the download URL and attach the Authorization header. On modern Synapse (authenticated media, MSC3916) that fetch is rejected with 401/404, so saving an image failed (element-hq#32362). Extract the save logic into a dedicated save-image.ts and fetch network URLs through the image's Electron session (webContents.session.fetch) so the auth interceptors apply; data: URLs are still decoded directly into a NativeImage. The module also keeps the extension-aware encoding (jpg/jpeg/bmp/png) so its contract can be unit-tested.
github-actions
Bot
added
the
Z-Community-PR
t3chguy
reviewed
Jun 29, 2026
| @@ -0,0 +1,135 @@ | |||
| /* | |||
| Copyright 2026 New Vector Ltd. | |||
Member
There was a problem hiding this comment.
Should be your copyright, not that of the old name of our company
| @@ -0,0 +1,52 @@ | |||
| /* | |||
| Copyright 2026 New Vector Ltd. | |||
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Problem
The desktop "Save image as" context-menu item fetched
http(s)images with the main-processglobal
fetch(), which bypasses the session'swebRequestinterceptors — including theauthenticated-media handlers in
media-auth.tsthat rewrite the download URL and attach theAuthorizationheader. On modern Synapse (authenticated media, MSC3916) that request is rejectedwith 401/404, so saving an image silently failed (#32362).
Fix
Extract the save logic into a dedicated
save-image.tsand fetch network URLs through the image'sElectron session (
webContents.session.fetch) instead of the globalfetch, so the authinterceptors apply.
data:URLs are still decoded directly into aNativeImage. The module keepsthe extension-aware encoding (jpg/jpeg/bmp → PNG fallback) so its contract is unit-testable, and
webcontents-handler.tsnow just delegates to it.Tests
save-image.test.ts(Vitest, 7 passing) coversdata:-URL decoding, the session-fetch path(success, non-OK response, missing body), and the per-extension encoding.
Fixes #32362
Notes: Fixes "Save image as" failing on authenticated media (MSC3916) by fetching through the authenticated Electron session instead of the global fetch.
Checklist
public/exportedsymbols have accurate TSDoc documentation.