IO-3340 Resolve unenforced content-type

2025-08-28 15:07:18 -07:00
parent cfdfb8110b
commit 7a383aaec9
2 changed files with 18 additions and 3 deletions
--- a/client/src/components/documents-upload-imgproxy/documents-upload-imgproxy.utility.js
+++ b/client/src/components/documents-upload-imgproxy/documents-upload-imgproxy.utility.js
@@ -67,11 +67,14 @@ export const uploadToS3 = async (
  }
  //Key should be same as we provided to maintain backwards compatibility.
-  const { presignedUrl: preSignedUploadUrlToS3, key: s3Key } = signedURLResponse.data.signedUrls[0];
+  const { presignedUrl: preSignedUploadUrlToS3, key: s3Key, contentType } = signedURLResponse.data.signedUrls[0];
  const options = {
    onUploadProgress: (e) => {
      if (onProgress) onProgress({ percent: (e.loaded / e.total) * 100 });
    },
    headers: {
      ...contentType ? { "Content-Type": fileType } : {}
    }
  };
--- a/server/media/imgproxy-media.js
+++ b/server/media/imgproxy-media.js
@@ -58,8 +58,20 @@ const generateSignedUploadUrls = async (req, res) => {
      }
      const command = new PutObjectCommand(commandParams);
-      const presignedUrl = await getSignedUrl(client, command, { expiresIn: 360 });
+
-      signedUrls.push({ filename, presignedUrl, key });
+      // For PDFs, we need to add conditions to the presigned URL to enforce content type
      const presignedUrlOptions = { expiresIn: 360 };
      if (isPdf) {
        presignedUrlOptions.signableHeaders = new Set(['content-type']);
      }
      const presignedUrl = await getSignedUrl(client, command, presignedUrlOptions);
      signedUrls.push({
        filename,
        presignedUrl,
        key,
        ...(isPdf && { contentType: "application/pdf" })
      });
    }
    logger.log("imgproxy-upload-success", "DEBUG", req.user?.email, jobid, { signedUrls });