verify mime type of images #5888
Conversation
|
|
||
| let output_item = mock.single_request().function_call_output(call_id); | ||
| let output_text = extract_output_text(&output_item).expect("output text present"); | ||
| assert_eq!(output_text, "attached local image path"); |
There was a problem hiding this comment.
that's actually not very good. It might be better to respond with error directly as function output instead of separate item but you are not the one that wrote the logic.
There was a problem hiding this comment.
@codex could you take a stab at this
![chatgpt-codex-connector[bot]](https://cdn.statically.io/img/avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| let output_item = mock.single_request().function_call_output(call_id); | ||
| let output_text = extract_output_text(&output_item).expect("output text present"); | ||
| assert_eq!(output_text, "attached local image path"); |
There was a problem hiding this comment.
Here we now assert that function_call_output is still "attached local image path" even when the local file was rejected for having a non‑image MIME type. That keeps the view_image handler returning success: true and the usual success string, even though the pending input we send back no longer contains any input_image. The only hint is the placeholder text we injected as a user message, which isn’t structurally tied to the tool call and can be ignored by downstream consumers. All of the other failure paths for this tool (missing file, path is directory, etc.) surface their errors via FunctionCallError::RespondToModel, so orchestration, telemetry, and the model can reliably tell the call failed. With this change MIME failures become silent: the agent continues as if the screenshot is attached while the Responses API request contains no image. We should instead propagate the MIME error through the tool’s function output (success: Some(false) plus the error message) so callers can react, rather than asserting success here.
Useful? React with 👍 / 👎.
There was a problem hiding this comment.
strange. why did my ping get classified as a review request lol
solves: #5675
Block non-image uploads in the view_image workflow. We now confirm the file’s MIME is image/* before building the data URL; otherwise we emit a “unsupported MIME type” error to the model. This stops the agent from sending application/json blobs that the Responses API rejects with 400s.