From 3b70c60748e8f53eb573f2585194c82e6c027cf7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Am=C3=A9rico=20Dias?=
Date: Mon, 27 Apr 2026 15:15:50 +0100
Subject: [PATCH] feat: allow image + PDF document uploads through validator
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Upstream's SecurityValidator.ALLOWED_EXTENSIONS only permits source-code file extensions, so any photo or PDF sent as a Telegram document (rather than via the native photo handler) is rejected at validation time — before the bot can even archive or inspect it. Adds the common attachment formats: .png .jpg .jpeg .gif .webp .heic .heif .bmp .tiff .tif .pdf. Photos sent as Telegram photos still flow through the dedicated image_handler.py path, which uses native multimodal SDK content blocks; this allowlist covers the case where the user attaches an image as a generic document. Dangerous patterns (.exe / .key / .pem / etc.) remain blocked via DANGEROUS_FILE_PATTERNS — they take precedence over the allowlist.
---
 src/security/validators.py | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/src/security/validators.py b/src/security/validators.py
index 381ba321..c303aa5a 100644
--- a/src/security/validators.py
+++ b/src/security/validators.py
@@ -86,6 +86,19 @@ class SecurityValidator:
 ".vue",
 ".svelte",
 ".lock",
+ # Image formats (document uploads; native photos go through image_handler.py)
+ ".png",
+ ".jpg",
+ ".jpeg",
+ ".gif",
+ ".webp",
+ ".heic",
+ ".heif",
+ ".bmp",
+ ".tiff",
+ ".tif",
+ # Document formats
+ ".pdf",
 }

 # Forbidden filenames and patterns
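Review bot: The added `.png` … `.pdf` entries admit binary formats on the strength of the filename suffix alone, and nothing in this hunk shows the content being checked against the claimed type, so a document named with an allowed extension is accepted whatever bytes it carries. If the downstream handlers parse or decode these uploads, verify the leading magic bytes before handing the file on and say so next to the entries, e.g. `# Extension check only; content is verified in <handler> before parsing` (placeholder name, the handler is not visible here). The commit message states that DANGEROUS_FILE_PATTERNS takes precedence over this allowlist, but that code lies outside the hunk; a regression test asserting that a name which matches a dangerous pattern and also ends in one of the new extensions is still rejected would pin that down. It is also worth confirming that the extension comparison is case-insensitive, since cameras and phones commonly emit `.JPG` and `.HEIC`; the set literal itself starts above the hunk, so this cannot be checked from here.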