Skip to content

Fix text attachment MIME misclassification#3628

Merged
shakkernerd merged 2 commits intoopenclaw:mainfrom
frankekn:fix/media-text-attachments
Jan 29, 2026
Merged

Fix text attachment MIME misclassification#3628
shakkernerd merged 2 commits intoopenclaw:mainfrom
frankekn:fix/media-text-attachments

Conversation

@frankekn
Copy link
Copy Markdown
Contributor

@frankekn frankekn commented Jan 28, 2026

Summary

  • preserve inbound Telegram original filenames when saving media to keep correct extensions
  • add text-file extraction for inbound attachments with CSV/TSV inference and UTF-16/UTF-8 heuristics
  • treat text-like attachments misdetected as audio as text for media understanding

Testing

  • not run (manual repro with Telegram CSV/TSV attachments)

@openclaw-barnacle openclaw-barnacle bot added the channel: telegram Channel integration: telegram label Jan 28, 2026
@frankekn
Copy link
Copy Markdown
Contributor Author

frankekn commented Jan 29, 2026

Test update:

  • Full pnpm test run started via a temporary pnpm shim; timed out after 120s and hit failures in session-memory hook tests due to missing Anthropic API key/auth profiles.
  • Targeted unit run passed: corepack pnpm vitest run --config vitest.unit.config.ts src/media-understanding/apply.test.ts

@shakkernerd shakkernerd merged commit cb18ce7 into openclaw:main Jan 29, 2026
19 of 23 checks passed
@shakkernerd shakkernerd mentioned this pull request Jan 29, 2026
Merged
shakkernerd added a commit that referenced this pull request Jan 29, 2026
@shakkernerd
fix: text attachment MIME misclassification with security hardening (#…
2257d69 
…3628)

- Fix CSV/TSV inference from content heuristics
- Add UTF-16 detection and BOM handling
- Add XML attribute escaping for file output (security)
- Add MIME override logging for auditability
- Add comprehensive test coverage for edge cases

Thanks @frankekn
shakkernerd added a commit that referenced this pull request Jan 29, 2026
@shakkernerd
fix: add security hardening for media text attachments (#3700)
b717724 
* fix: Prevent XML attribute injection by escaping special characters in file name and MIME type attributes.

* fix: text attachment MIME misclassification with security hardening (#3628)

- Fix CSV/TSV inference from content heuristics
- Add UTF-16 detection and BOM handling
- Add XML attribute escaping for file output (security)
- Add MIME override logging for auditability
- Add comprehensive test coverage for edge cases

Thanks @frankekn
HirokiKobayashi-R pushed a commit to HirokiKobayashi-R/moltbot that referenced this pull request Jan 29, 2026
@frankekn @HirokiKobayashi-R
Fix text attachment MIME misclassification (openclaw#3628)
74875d1 
* Fix text file attachment detection

* Add file attachment extraction tests
HirokiKobayashi-R pushed a commit to HirokiKobayashi-R/moltbot that referenced this pull request Jan 29, 2026
@shakkernerd @HirokiKobayashi-R
fix: add security hardening for media text attachments (openclaw#3700)
2baaa9b 
* fix: Prevent XML attribute injection by escaping special characters in file name and MIME type attributes.

* fix: text attachment MIME misclassification with security hardening (openclaw#3628)

- Fix CSV/TSV inference from content heuristics
- Add UTF-16 detection and BOM handling
- Add XML attribute escaping for file output (security)
- Add MIME override logging for auditability
- Add comprehensive test coverage for edge cases

Thanks @frankekn
YuriNachos pushed a commit to YuriNachos/clawdbot-fork that referenced this pull request Jan 31, 2026
@frankekn
Fix text attachment MIME misclassification (openclaw#3628)
80f3eeb 
* Fix text file attachment detection

* Add file attachment extraction tests
YuriNachos pushed a commit to YuriNachos/clawdbot-fork that referenced this pull request Jan 31, 2026
@shakkernerd
fix: add security hardening for media text attachments (openclaw#3700)
322fc1f 
* fix: Prevent XML attribute injection by escaping special characters in file name and MIME type attributes.

* fix: text attachment MIME misclassification with security hardening (openclaw#3628)

- Fix CSV/TSV inference from content heuristics
- Add UTF-16 detection and BOM handling
- Add XML attribute escaping for file output (security)
- Add MIME override logging for auditability
- Add comprehensive test coverage for edge cases

Thanks @frankekn
YuriNachos pushed a commit to YuriNachos/clawdbot-fork that referenced this pull request Jan 31, 2026
@frankekn
Fix text attachment MIME misclassification (openclaw#3628)
423be65 
* Fix text file attachment detection

* Add file attachment extraction tests
YuriNachos pushed a commit to YuriNachos/clawdbot-fork that referenced this pull request Jan 31, 2026
@shakkernerd
fix: add security hardening for media text attachments (openclaw#3700)
3f31c48 
* fix: Prevent XML attribute injection by escaping special characters in file name and MIME type attributes.

* fix: text attachment MIME misclassification with security hardening (openclaw#3628)

- Fix CSV/TSV inference from content heuristics
- Add UTF-16 detection and BOM handling
- Add XML attribute escaping for file output (security)
- Add MIME override logging for auditability
- Add comprehensive test coverage for edge cases

Thanks @frankekn
YuriNachos pushed a commit to YuriNachos/clawdbot-fork that referenced this pull request Jan 31, 2026
@frankekn
Fix text attachment MIME misclassification (openclaw#3628)
f4f9e95 
* Fix text file attachment detection

* Add file attachment extraction tests
YuriNachos pushed a commit to YuriNachos/clawdbot-fork that referenced this pull request Jan 31, 2026
@shakkernerd
fix: add security hardening for media text attachments (openclaw#3700)
f7ae7f0 
* fix: Prevent XML attribute injection by escaping special characters in file name and MIME type attributes.

* fix: text attachment MIME misclassification with security hardening (openclaw#3628)

- Fix CSV/TSV inference from content heuristics
- Add UTF-16 detection and BOM handling
- Add XML attribute escaping for file output (security)
- Add MIME override logging for auditability
- Add comprehensive test coverage for edge cases

Thanks @frankekn
YuriNachos pushed a commit to YuriNachos/clawdbot-fork that referenced this pull request Jan 31, 2026
@frankekn
Fix text attachment MIME misclassification (openclaw#3628)
93669cf 
* Fix text file attachment detection

* Add file attachment extraction tests
YuriNachos pushed a commit to YuriNachos/clawdbot-fork that referenced this pull request Jan 31, 2026
@shakkernerd
fix: add security hardening for media text attachments (openclaw#3700)
7e13349 
* fix: Prevent XML attribute injection by escaping special characters in file name and MIME type attributes.

* fix: text attachment MIME misclassification with security hardening (openclaw#3628)

- Fix CSV/TSV inference from content heuristics
- Add UTF-16 detection and BOM handling
- Add XML attribute escaping for file output (security)
- Add MIME override logging for auditability
- Add comprehensive test coverage for edge cases

Thanks @frankekn
YuriNachos pushed a commit to YuriNachos/clawdbot-fork that referenced this pull request Jan 31, 2026
@frankekn
Fix text attachment MIME misclassification (openclaw#3628)
9204a1a 
* Fix text file attachment detection

* Add file attachment extraction tests
YuriNachos pushed a commit to YuriNachos/clawdbot-fork that referenced this pull request Jan 31, 2026
@shakkernerd
fix: add security hardening for media text attachments (openclaw#3700)
7a99683 
* fix: Prevent XML attribute injection by escaping special characters in file name and MIME type attributes.

* fix: text attachment MIME misclassification with security hardening (openclaw#3628)

- Fix CSV/TSV inference from content heuristics
- Add UTF-16 detection and BOM handling
- Add XML attribute escaping for file output (security)
- Add MIME override logging for auditability
- Add comprehensive test coverage for edge cases

Thanks @frankekn
YuriNachos pushed a commit to YuriNachos/clawdbot-fork that referenced this pull request Jan 31, 2026
@frankekn
Fix text attachment MIME misclassification (openclaw#3628)
2faf699 
* Fix text file attachment detection

* Add file attachment extraction tests
YuriNachos pushed a commit to YuriNachos/clawdbot-fork that referenced this pull request Jan 31, 2026
@shakkernerd
fix: add security hardening for media text attachments (openclaw#3700)
2119b2d 
* fix: Prevent XML attribute injection by escaping special characters in file name and MIME type attributes.

* fix: text attachment MIME misclassification with security hardening (openclaw#3628)

- Fix CSV/TSV inference from content heuristics
- Add UTF-16 detection and BOM handling
- Add XML attribute escaping for file output (security)
- Add MIME override logging for auditability
- Add comprehensive test coverage for edge cases

Thanks @frankekn
YuriNachos pushed a commit to YuriNachos/clawdbot-fork that referenced this pull request Jan 31, 2026
@frankekn
Fix text attachment MIME misclassification (openclaw#3628)
7fe7a10 
* Fix text file attachment detection

* Add file attachment extraction tests
YuriNachos pushed a commit to YuriNachos/clawdbot-fork that referenced this pull request Jan 31, 2026
@shakkernerd
fix: add security hardening for media text attachments (openclaw#3700)
24c4a5f 
* fix: Prevent XML attribute injection by escaping special characters in file name and MIME type attributes.

* fix: text attachment MIME misclassification with security hardening (openclaw#3628)

- Fix CSV/TSV inference from content heuristics
- Add UTF-16 detection and BOM handling
- Add XML attribute escaping for file output (security)
- Add MIME override logging for auditability
- Add comprehensive test coverage for edge cases

Thanks @frankekn
YuriNachos pushed a commit to YuriNachos/clawdbot-fork that referenced this pull request Jan 31, 2026
@frankekn
Fix text attachment MIME misclassification (openclaw#3628)
5c6ebc4 
* Fix text file attachment detection

* Add file attachment extraction tests
YuriNachos pushed a commit to YuriNachos/clawdbot-fork that referenced this pull request Jan 31, 2026
@shakkernerd
fix: add security hardening for media text attachments (openclaw#3700)
5dee0df 
* fix: Prevent XML attribute injection by escaping special characters in file name and MIME type attributes.

* fix: text attachment MIME misclassification with security hardening (openclaw#3628)

- Fix CSV/TSV inference from content heuristics
- Add UTF-16 detection and BOM handling
- Add XML attribute escaping for file output (security)
- Add MIME override logging for auditability
- Add comprehensive test coverage for edge cases

Thanks @frankekn
YuriNachos pushed a commit to YuriNachos/clawdbot-fork that referenced this pull request Jan 31, 2026
@frankekn
Fix text attachment MIME misclassification (openclaw#3628)
8c82ed3 
* Fix text file attachment detection

* Add file attachment extraction tests
YuriNachos pushed a commit to YuriNachos/clawdbot-fork that referenced this pull request Jan 31, 2026
@shakkernerd
fix: add security hardening for media text attachments (openclaw#3700)
567d05b 
* fix: Prevent XML attribute injection by escaping special characters in file name and MIME type attributes.

* fix: text attachment MIME misclassification with security hardening (openclaw#3628)

- Fix CSV/TSV inference from content heuristics
- Add UTF-16 detection and BOM handling
- Add XML attribute escaping for file output (security)
- Add MIME override logging for auditability
- Add comprehensive test coverage for edge cases

Thanks @frankekn
YuriNachos pushed a commit to YuriNachos/clawdbot-fork that referenced this pull request Feb 1, 2026
@frankekn
Fix text attachment MIME misclassification (openclaw#3628)
c483791 
* Fix text file attachment detection

* Add file attachment extraction tests
YuriNachos pushed a commit to YuriNachos/clawdbot-fork that referenced this pull request Feb 1, 2026
@shakkernerd
fix: add security hardening for media text attachments (openclaw#3700)
527d16e 
* fix: Prevent XML attribute injection by escaping special characters in file name and MIME type attributes.

* fix: text attachment MIME misclassification with security hardening (openclaw#3628)

- Fix CSV/TSV inference from content heuristics
- Add UTF-16 detection and BOM handling
- Add XML attribute escaping for file output (security)
- Add MIME override logging for auditability
- Add comprehensive test coverage for edge cases

Thanks @frankekn
YuriNachos pushed a commit to YuriNachos/clawdbot-fork that referenced this pull request Feb 1, 2026
@frankekn
Fix text attachment MIME misclassification (openclaw#3628)
26560b0 
* Fix text file attachment detection

* Add file attachment extraction tests
YuriNachos pushed a commit to YuriNachos/clawdbot-fork that referenced this pull request Feb 1, 2026
@shakkernerd
fix: add security hardening for media text attachments (openclaw#3700)
8dc3e6c 
* fix: Prevent XML attribute injection by escaping special characters in file name and MIME type attributes.

* fix: text attachment MIME misclassification with security hardening (openclaw#3628)

- Fix CSV/TSV inference from content heuristics
- Add UTF-16 detection and BOM handling
- Add XML attribute escaping for file output (security)
- Add MIME override logging for auditability
- Add comprehensive test coverage for edge cases

Thanks @frankekn
YuriNachos pushed a commit to YuriNachos/clawdbot-fork that referenced this pull request Feb 1, 2026
@frankekn
Fix text attachment MIME misclassification (openclaw#3628)
5fa6016 
* Fix text file attachment detection

* Add file attachment extraction tests
YuriNachos pushed a commit to YuriNachos/clawdbot-fork that referenced this pull request Feb 1, 2026
@shakkernerd
fix: add security hardening for media text attachments (openclaw#3700)
f36b966 
* fix: Prevent XML attribute injection by escaping special characters in file name and MIME type attributes.

* fix: text attachment MIME misclassification with security hardening (openclaw#3628)

- Fix CSV/TSV inference from content heuristics
- Add UTF-16 detection and BOM handling
- Add XML attribute escaping for file output (security)
- Add MIME override logging for auditability
- Add comprehensive test coverage for edge cases

Thanks @frankekn
YuriNachos pushed a commit to YuriNachos/clawdbot-fork that referenced this pull request Feb 1, 2026
@frankekn
Fix text attachment MIME misclassification (openclaw#3628)
e210d1e 
* Fix text file attachment detection

* Add file attachment extraction tests
YuriNachos pushed a commit to YuriNachos/clawdbot-fork that referenced this pull request Feb 1, 2026
@shakkernerd
fix: add security hardening for media text attachments (openclaw#3700)
b6eb930 
* fix: Prevent XML attribute injection by escaping special characters in file name and MIME type attributes.

* fix: text attachment MIME misclassification with security hardening (openclaw#3628)

- Fix CSV/TSV inference from content heuristics
- Add UTF-16 detection and BOM handling
- Add XML attribute escaping for file output (security)
- Add MIME override logging for auditability
- Add comprehensive test coverage for edge cases

Thanks @frankekn
YuriNachos pushed a commit to YuriNachos/clawdbot-fork that referenced this pull request Feb 1, 2026
@frankekn
Fix text attachment MIME misclassification (openclaw#3628)
6669fc3 
* Fix text file attachment detection

* Add file attachment extraction tests
YuriNachos pushed a commit to YuriNachos/clawdbot-fork that referenced this pull request Feb 1, 2026
@shakkernerd
fix: add security hardening for media text attachments (openclaw#3700)
6879737 
* fix: Prevent XML attribute injection by escaping special characters in file name and MIME type attributes.

* fix: text attachment MIME misclassification with security hardening (openclaw#3628)

- Fix CSV/TSV inference from content heuristics
- Add UTF-16 detection and BOM handling
- Add XML attribute escaping for file output (security)
- Add MIME override logging for auditability
- Add comprehensive test coverage for edge cases

Thanks @frankekn
uxcu pushed a commit to uxcu/kook-openclaw that referenced this pull request Feb 5, 2026
@frankekn
Fix text attachment MIME misclassification (openclaw#3628)
e8fc403 
* Fix text file attachment detection

* Add file attachment extraction tests
uxcu pushed a commit to uxcu/kook-openclaw that referenced this pull request Feb 5, 2026
@shakkernerd
fix: add security hardening for media text attachments (openclaw#3700)
2519ab0 
* fix: Prevent XML attribute injection by escaping special characters in file name and MIME type attributes.

* fix: text attachment MIME misclassification with security hardening (openclaw#3628)

- Fix CSV/TSV inference from content heuristics
- Add UTF-16 detection and BOM handling
- Add XML attribute escaping for file output (security)
- Add MIME override logging for auditability
- Add comprehensive test coverage for edge cases

Thanks @frankekn
bestNiu pushed a commit to bestNiu/clawdbot that referenced this pull request Feb 5, 2026
@frankekn
Fix text attachment MIME misclassification (openclaw#3628)
f0b2562 
* Fix text file attachment detection

* Add file attachment extraction tests
bestNiu pushed a commit to bestNiu/clawdbot that referenced this pull request Feb 5, 2026
@shakkernerd
fix: add security hardening for media text attachments (openclaw#3700)
b8d4639 
* fix: Prevent XML attribute injection by escaping special characters in file name and MIME type attributes.

* fix: text attachment MIME misclassification with security hardening (openclaw#3628)

- Fix CSV/TSV inference from content heuristics
- Add UTF-16 detection and BOM handling
- Add XML attribute escaping for file output (security)
- Add MIME override logging for auditability
- Add comprehensive test coverage for edge cases

Thanks @frankekn
zooqueen pushed a commit to hanzoai/bot that referenced this pull request Mar 6, 2026
@frankekn
Fix text attachment MIME misclassification (openclaw#3628)
0c333eb 
* Fix text file attachment detection

* Add file attachment extraction tests
zooqueen pushed a commit to hanzoai/bot that referenced this pull request Mar 6, 2026
@shakkernerd
fix: add security hardening for media text attachments (openclaw#3700)
6ebc091 
* fix: Prevent XML attribute injection by escaping special characters in file name and MIME type attributes.

* fix: text attachment MIME misclassification with security hardening (openclaw#3628)

- Fix CSV/TSV inference from content heuristics
- Add UTF-16 detection and BOM handling
- Add XML attribute escaping for file output (security)
- Add MIME override logging for auditability
- Add comprehensive test coverage for edge cases

Thanks @frankekn
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

channel: telegram Channel integration: telegram

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@frankekn @shakkernerd