Support extensionless nested image URLs in downloadImage

Some image URLs use nested extensionless paths such as /media/12345.
Rejecting all such URLs made image rendering skip common CDN/proxy
media endpoints.

Derive the extension from the filename when present; otherwise, infer
it from Content-Type (with a safe fallback). Keep blocking suspicious
encoded traversal patterns in the pathname.

#608 (comment)

Co-Authored-By: Codex <codex@openai.com>

Author: dahlia

packages/cli/src/imagerenderer.test.ts

@@ -182,7 +182,7 @@ test("downloadImage - rejects unsafe extension containing path traversal", async
 
   try {
     const result = await downloadImage(
-      "https://198.51.100.10/image.png/../../../../etc/passwd",
+      "https://198.51.100.10/image.png/..%2f..%2f..%2fetc%2fpasswd",
     );
     assert.equal(result, null);
   } finally {
@@ -208,3 +208,25 @@ test("downloadImage - falls back to jpg when URL has no extension", async () =>
     }
   }
 });
+
+test("downloadImage - falls back to content type for extensionless nested path", async () => {
+  const originalFetch = globalThis.fetch;
+  globalThis.fetch = ((_input: URL | RequestInfo) =>
+    Promise.resolve(
+      new Response(new Uint8Array([1, 2, 3]), {
+        headers: { "content-type": "image/png" },
+      }),
+    )) as typeof fetch;
+
+  let result: string | null = null;
+  try {
+    result = await downloadImage("https://198.51.100.10/media/12345");
+    assert.notEqual(result, null);
+    assert.equal(path.extname(result!), ".png");
+  } finally {
+    globalThis.fetch = originalFetch;
+    if (result != null) {
+      await rm(path.dirname(result), { recursive: true, force: true });
+    }
+  }
+});

packages/cli/src/imagerenderer.ts

@@ -20,6 +20,30 @@ const KITTY_IDENTIFIERS: string[] = [
 
 type KittyCommand = Record<string, string | number>;
 
+function getExtensionFromContentType(contentType: string | null): string {
+  const mime = contentType?.split(";")[0]?.trim().toLowerCase() ?? "";
+  switch (mime) {
+    case "image/jpeg":
+    case "image/jpg":
+      return "jpg";
+    case "image/png":
+      return "png";
+    case "image/gif":
+      return "gif";
+    case "image/webp":
+      return "webp";
+    case "image/avif":
+      return "avif";
+    case "image/bmp":
+      return "bmp";
+    case "image/svg+xml":
+      return "svg";
+    default:
+      if (mime.startsWith("image/")) return mime.slice("image/".length);
+      return "jpg";
+  }
+}
+
 export function detectTerminalCapabilities(): TerminalType {
   const termProgram = (process.env.TERM_PROGRAM || "").toLowerCase();
 
@@ -132,15 +156,20 @@ export async function downloadImage(url: string): Promise<string | null> {
     }
     const imageData = new Uint8Array(await response.arrayBuffer());
     const pathname = new URL(targetUrl).pathname;
+    const lowerPathname = pathname.toLowerCase();
+    if (
+      lowerPathname.includes("%2f") || lowerPathname.includes("%5c") ||
+      lowerPathname.includes("..")
+    ) {
+      return null;
+    }
     const pathSegments = pathname.split("/").filter((segment) =>
       segment !== ""
     );
     const filename = pathSegments[pathSegments.length - 1] ?? "";
     const extension = filename.includes(".")
       ? path.extname(filename).slice(1)
-      : pathSegments.length === 1
-      ? "jpg"
-      : "";
+      : getExtensionFromContentType(response.headers.get("content-type"));
     if (extension.length < 1) return null;
     if (
       extension.includes("/") || extension.includes("\\") ||