archive/rsnext
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat!(next/image): change default Content-Disposition to attachment (#65631)

Browse source 
### BREAKING CHANGE

This changes the behavior of the default image `loader` so that
[`Content-Disposition`](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Disposition#as_a_response_header_for_the_main_body)
header is now `attachment` for added protection since the API can serve
arbitrary remote images.

The new default value, `attachment`, forces the browser to download the
image when visiting directly. This is particularly important when
`dangerouslyAllowSVG` is true. Most users will not notice the change
since visiting pages won't behave any differently, only visiting images
directly.

Users can switch back to the old behavior by configuring `inline` in
next.config.js

```js
module.exports = {
  images: {
    contentDispositionType: 'inline',
  },
}
This commit is contained in:
Steven 2024-05-10 21:35:48 -04:00 committed by GitHub
parent b9af6a9b22
commit 292fd4eb3f
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
10 changed files with 160 additions and 125 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

17
docs/02-app/02-api-reference/01-components/image.mdx
View file

@ -725,6 +725,22 @@ module.exports = {
In addition, it is strongly recommended to also set `contentDispositionType` to force the browser to download the image, as well as `contentSecurityPolicy` to prevent scripts embedded in the image from executing.
### `contentDispositionType`
The default [loader](#loader) sets the [`Content-Disposition`](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Disposition#as_a_response_header_for_the_main_body) header to `attachment` for added protection since the API can serve arbitrary remote images.
The default value is `attachment` which forces the browser to download the image when visiting directly. This is particularly important when [`dangerouslyAllowSVG`](#dangerouslyallowsvg) is true.
You can optionally configure `inline` to allow the browser to render the image when visiting directly, without downloading it.
```js filename="next.config.js"
module.exports = {
images: {
contentDispositionType: 'inline',
},
}
```
## Animated Images
The default [loader](#loader) will automatically bypass Image Optimization for animated images and serve the image as-is.
@ -1000,6 +1016,7 @@ This `next/image` component uses browser native [lazy loading](https://caniuse.c
| Version | Changes |
| ---------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| `v15.0.0` | `contentDispositionType` configuration default changed to `attachment`. |
| `v14.2.0` | `overrideSrc` prop added. |
| `v14.1.0` | `getImageProps()` is stable. |
| `v14.0.0` | `onLoadingComplete` prop and `domains` config deprecated. |

16
docs/03-pages/02-api-reference/01-components/image-legacy.mdx
View file

@ -577,6 +577,22 @@ module.exports = {
In addition, it is strongly recommended to also set `contentDispositionType` to force the browser to download the image, as well as `contentSecurityPolicy` to prevent scripts embedded in the image from executing.
### `contentDispositionType`
The default [loader](#loader) sets the [`Content-Disposition`](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Disposition#as_a_response_header_for_the_main_body) header to `attachment` for added protection since the API can serve arbitrary remote images.
The default value is `attachment` which forces the browser to download the image when visiting directly. This is particularly important when [`dangerouslyAllowSVG`](#dangerously-allow-svg) is true.
You can optionally configure `inline` to allow the browser to render the image when visiting directly, without downloading it.
```js filename="next.config.js"
module.exports = {
images: {
contentDispositionType: 'inline',
},
}
```
### Animated Images
The default [loader](#loader) will automatically bypass Image Optimization for animated images and serve the image as-is.

4
errors/invalid-images-config.mdx
View file

@ -35,8 +35,8 @@ module.exports = {
dangerouslyAllowSVG: false,
// set the Content-Security-Policy header
contentSecurityPolicy: "default-src 'self'; script-src 'none'; sandbox;",
// sets the Content-Disposition header (inline or attachment)
contentDispositionType: 'inline',
// sets the Content-Disposition header ('inline' or 'attachment')
contentDispositionType: 'attachment',
// limit of 50 objects
remotePatterns: [],
// when true, every image will be unoptimized

2
packages/next/src/shared/lib/image-config.ts
View file

@ -112,7 +112,7 @@ export const imageConfigDefault: ImageConfigComplete = {
formats: ['image/webp'],
dangerouslyAllowSVG: false,
contentSecurityPolicy: `script-src 'none'; frame-src 'none'; sandbox;`,
contentDispositionType: 'inline',
contentDispositionType: 'attachment',
remotePatterns: [],
unoptimized: false,
}

4
test/integration/image-optimizer/test/content-disposition-type.test.ts
View file

@ -4,9 +4,9 @@ import { setupTests } from './util'
const appDir = join(__dirname, '../app')
const imagesDir = join(appDir, '.next', 'cache', 'images')
describe('with contentDispositionType attachment', () => {
describe('with contentDispositionType inline', () => {
setupTests({
nextConfigImages: { contentDispositionType: 'attachment' },
nextConfigImages: { contentDispositionType: 'inline' },
appDir,
imagesDir,
})

9
test/integration/image-optimizer/test/index.test.ts
View file

@ -402,8 +402,9 @@ describe('Image Optimizer', () => {
await retry(() => {
expect(stderr).toContain(
`Invalid assetPrefix provided. Original error: TypeError [ERR_INVALID_URL]: Invalid URL`
`Invalid assetPrefix provided. Original error:`
)
expect(stderr).toContain(`Invalid URL`)
})
} finally {
await killApp(app).catch(() => {})
@ -584,7 +585,7 @@ describe('Image Optimizer', () => {
`public, max-age=86400, must-revalidate`
)
expect(res.headers.get('Content-Disposition')).toBe(
`inline; filename="test.webp"`
`attachment; filename="test.webp"`
)
await check(async () => {
@ -615,7 +616,7 @@ describe('Image Optimizer', () => {
`public, max-age=60, must-revalidate`
)
expect(res.headers.get('Content-Disposition')).toBe(
`inline; filename="test.webp"`
`attachment; filename="test.webp"`
)
})
}
@ -723,7 +724,7 @@ describe('Image Optimizer', () => {
)
expect(res.headers.get('Vary')).toBe('Accept')
expect(res.headers.get('Content-Disposition')).toBe(
`inline; filename="next-js-bg.webp"`
`attachment; filename="next-js-bg.webp"`
)
await check(async () => {

2
test/integration/image-optimizer/test/util.ts
View file

@ -152,7 +152,7 @@ async function fetchWithDuration(
export function runTests(ctx: RunTestsCtx) {
const { isDev, nextConfigImages } = ctx
const {
contentDispositionType = 'inline',
contentDispositionType = 'attachment',
domains = [],
formats = [],
minimumCacheTTL = 60,

3
test/production/pages-dir/production/fixture/pages/svg-image.js
View file

@ -6,6 +6,9 @@ const Page = () => {
<div>
<h1>SVG with a script tag attempting XSS</h1>
<Image id="img" src="/xss.svg" width="100" height="100" />
<a id="btn" href="/_next/image?url=%2Fxss.svg&w=256&q=75">
Click Me
</a>
<p id="msg">safe</p>
</div>
)

6
test/production/pages-dir/production/test/security.ts
View file

@ -326,10 +326,8 @@ export default (next: NextInstance) => {
const src = await browser.elementById('img').getAttribute('src')
expect(src).toMatch(/_next\/image\?.*xss\.svg/)
expect(await browser.elementById('msg').text()).toBe('safe')
browser = await webdriver(
next.appPort,
'/_next/image?url=%2Fxss.svg&w=256&q=75'
)
await browser.eval(`document.getElementById("btn").click()`)
await browser.waitForIdleNetwork()
expect(await browser.elementById('msg').text()).toBe('safe')
} finally {
if (browser) await browser.close()

222
test/turbopack-build-tests-manifest.json
View file

@ -10737,119 +10737,119 @@
},
"test/integration/image-optimizer/test/content-disposition-type.test.ts": {
"passed": [
"with contentDispositionType attachment Production Mode Server support with next.config.js should automatically detect image type when content-type is octet-stream",
"with contentDispositionType attachment Production Mode Server support with next.config.js should compress avif smaller than webp at q=100",
"with contentDispositionType attachment Production Mode Server support with next.config.js should compress avif smaller than webp at q=50",
"with contentDispositionType attachment Production Mode Server support with next.config.js should compress avif smaller than webp at q=75",
"with contentDispositionType attachment Production Mode Server support with next.config.js should downlevel avif format to jpeg for old Safari",
"with contentDispositionType attachment Production Mode Server support with next.config.js should downlevel webp format to jpeg for old Safari",
"with contentDispositionType attachment Production Mode Server support with next.config.js should emit blur svg when width is 8 in dev but not prod",
"with contentDispositionType attachment Production Mode Server support with next.config.js should emit blur svg when width is less than 8 in dev but not prod",
"with contentDispositionType attachment Production Mode Server support with next.config.js should error if the image file does not exist",
"with contentDispositionType attachment Production Mode Server support with next.config.js should error if the resource isn't a valid image",
"with contentDispositionType attachment Production Mode Server support with next.config.js should fail when domain is not defined in next.config.js",
"with contentDispositionType attachment Production Mode Server support with next.config.js should fail when internal url is not an image",
"with contentDispositionType attachment Production Mode Server support with next.config.js should fail when q is greater than 100",
"with contentDispositionType attachment Production Mode Server support with next.config.js should fail when q is less than 1",
"with contentDispositionType attachment Production Mode Server support with next.config.js should fail when q is missing",
"with contentDispositionType attachment Production Mode Server support with next.config.js should fail when q is not a number",
"with contentDispositionType attachment Production Mode Server support with next.config.js should fail when url fails to load an image",
"with contentDispositionType attachment Production Mode Server support with next.config.js should fail when url has file protocol",
"with contentDispositionType attachment Production Mode Server support with next.config.js should fail when url has ftp protocol",
"with contentDispositionType attachment Production Mode Server support with next.config.js should fail when url is missing",
"with contentDispositionType attachment Production Mode Server support with next.config.js should fail when w is 0",
"with contentDispositionType attachment Production Mode Server support with next.config.js should fail when w is less than 0",
"with contentDispositionType attachment Production Mode Server support with next.config.js should fail when w is missing",
"with contentDispositionType attachment Production Mode Server support with next.config.js should fail when w is not a number",
"with contentDispositionType attachment Production Mode Server support with next.config.js should fail when width is not in next.config.js",
"with contentDispositionType attachment Production Mode Server support with next.config.js should handle concurrent requests",
"with contentDispositionType attachment Production Mode Server support with next.config.js should handle non-ascii characters in image url",
"with contentDispositionType attachment Production Mode Server support with next.config.js should maintain animated gif",
"with contentDispositionType attachment Production Mode Server support with next.config.js should maintain animated png",
"with contentDispositionType attachment Production Mode Server support with next.config.js should maintain animated png 2",
"with contentDispositionType attachment Production Mode Server support with next.config.js should maintain animated webp",
"with contentDispositionType attachment Production Mode Server support with next.config.js should maintain bmp",
"with contentDispositionType attachment Production Mode Server support with next.config.js should maintain ico format",
"with contentDispositionType attachment Production Mode Server support with next.config.js should maintain jpg format for old Safari",
"with contentDispositionType attachment Production Mode Server support with next.config.js should maintain png format for old Safari",
"with contentDispositionType attachment Production Mode Server support with next.config.js should normalize invalid status codes",
"with contentDispositionType attachment Production Mode Server support with next.config.js should not allow svg with application header",
"with contentDispositionType attachment Production Mode Server support with next.config.js should not allow svg with comma header",
"with contentDispositionType attachment Production Mode Server support with next.config.js should not allow svg with uppercase header",
"with contentDispositionType attachment Production Mode Server support with next.config.js should not allow vector svg",
"with contentDispositionType attachment Production Mode Server support with next.config.js should not resize if requested width is larger than original source image",
"with contentDispositionType attachment Production Mode Server support with next.config.js should resize absolute url from localhost",
"with contentDispositionType attachment Production Mode Server support with next.config.js should resize relative url and new Chrome accept header as avif",
"with contentDispositionType attachment Production Mode Server support with next.config.js should resize relative url and old Chrome accept header as webp",
"with contentDispositionType attachment Production Mode Server support with next.config.js should resize relative url and png accept header",
"with contentDispositionType attachment Production Mode Server support with next.config.js should resize relative url and webp Firefox accept header",
"with contentDispositionType attachment Production Mode Server support with next.config.js should resize relative url with invalid accept header as gif",
"with contentDispositionType attachment Production Mode Server support with next.config.js should resize relative url with invalid accept header as png",
"with contentDispositionType attachment Production Mode Server support with next.config.js should resize relative url with invalid accept header as tiff",
"with contentDispositionType attachment Production Mode Server support with next.config.js should return home page",
"with contentDispositionType attachment Production Mode Server support with next.config.js should set 304 status without body when etag matches if-none-match",
"with contentDispositionType attachment Production Mode Server support with next.config.js should use cache and stale-while-revalidate when query is the same for external image",
"with contentDispositionType attachment Production Mode Server support with next.config.js should use cache and stale-while-revalidate when query is the same for internal image",
"with contentDispositionType attachment Production Mode Server support with next.config.js should use cached image file when parameters are the same for animated gif",
"with contentDispositionType attachment dev support with next.config.js should automatically detect image type when content-type is octet-stream",
"with contentDispositionType attachment dev support with next.config.js should compress avif smaller than webp at q=100",
"with contentDispositionType attachment dev support with next.config.js should compress avif smaller than webp at q=50",
"with contentDispositionType attachment dev support with next.config.js should compress avif smaller than webp at q=75",
"with contentDispositionType attachment dev support with next.config.js should downlevel avif format to jpeg for old Safari",
"with contentDispositionType attachment dev support with next.config.js should downlevel webp format to jpeg for old Safari",
"with contentDispositionType attachment dev support with next.config.js should emit blur svg when width is 8 in dev but not prod",
"with contentDispositionType attachment dev support with next.config.js should emit blur svg when width is less than 8 in dev but not prod",
"with contentDispositionType attachment dev support with next.config.js should error if the image file does not exist",
"with contentDispositionType attachment dev support with next.config.js should error if the resource isn't a valid image",
"with contentDispositionType attachment dev support with next.config.js should fail when domain is not defined in next.config.js",
"with contentDispositionType attachment dev support with next.config.js should fail when internal url is not an image",
"with contentDispositionType attachment dev support with next.config.js should fail when q is greater than 100",
"with contentDispositionType attachment dev support with next.config.js should fail when q is less than 1",
"with contentDispositionType attachment dev support with next.config.js should fail when q is missing",
"with contentDispositionType attachment dev support with next.config.js should fail when q is not a number",
"with contentDispositionType attachment dev support with next.config.js should fail when url fails to load an image",
"with contentDispositionType attachment dev support with next.config.js should fail when url has file protocol",
"with contentDispositionType attachment dev support with next.config.js should fail when url has ftp protocol",
"with contentDispositionType attachment dev support with next.config.js should fail when url is missing",
"with contentDispositionType attachment dev support with next.config.js should fail when w is 0",
"with contentDispositionType attachment dev support with next.config.js should fail when w is less than 0",
"with contentDispositionType attachment dev support with next.config.js should fail when w is missing",
"with contentDispositionType attachment dev support with next.config.js should fail when w is not a number",
"with contentDispositionType attachment dev support with next.config.js should fail when width is not in next.config.js",
"with contentDispositionType attachment dev support with next.config.js should handle concurrent requests",
"with contentDispositionType attachment dev support with next.config.js should handle non-ascii characters in image url",
"with contentDispositionType attachment dev support with next.config.js should maintain animated gif",
"with contentDispositionType attachment dev support with next.config.js should maintain animated png",
"with contentDispositionType attachment dev support with next.config.js should maintain animated png 2",
"with contentDispositionType attachment dev support with next.config.js should maintain animated webp",
"with contentDispositionType attachment dev support with next.config.js should maintain bmp",
"with contentDispositionType attachment dev support with next.config.js should maintain ico format",
"with contentDispositionType attachment dev support with next.config.js should maintain jpg format for old Safari",
"with contentDispositionType attachment dev support with next.config.js should maintain png format for old Safari",
"with contentDispositionType attachment dev support with next.config.js should normalize invalid status codes",
"with contentDispositionType attachment dev support with next.config.js should not allow svg with application header",
"with contentDispositionType attachment dev support with next.config.js should not allow svg with comma header",
"with contentDispositionType attachment dev support with next.config.js should not allow svg with uppercase header",
"with contentDispositionType attachment dev support with next.config.js should not allow vector svg",
"with contentDispositionType attachment dev support with next.config.js should not resize if requested width is larger than original source image",
"with contentDispositionType attachment dev support with next.config.js should resize absolute url from localhost",
"with contentDispositionType attachment dev support with next.config.js should resize relative url and new Chrome accept header as avif",
"with contentDispositionType attachment dev support with next.config.js should resize relative url and old Chrome accept header as webp",
"with contentDispositionType attachment dev support with next.config.js should resize relative url and png accept header",
"with contentDispositionType attachment dev support with next.config.js should resize relative url and webp Firefox accept header",
"with contentDispositionType attachment dev support with next.config.js should resize relative url with invalid accept header as gif",
"with contentDispositionType attachment dev support with next.config.js should resize relative url with invalid accept header as png",
"with contentDispositionType attachment dev support with next.config.js should resize relative url with invalid accept header as tiff",
"with contentDispositionType attachment dev support with next.config.js should return home page",
"with contentDispositionType attachment dev support with next.config.js should set 304 status without body when etag matches if-none-match",
"with contentDispositionType attachment dev support with next.config.js should set cache-control to immutable for static images",
"with contentDispositionType attachment dev support with next.config.js should use cache and stale-while-revalidate when query is the same for external image",
"with contentDispositionType attachment dev support with next.config.js should use cache and stale-while-revalidate when query is the same for internal image",
"with contentDispositionType attachment dev support with next.config.js should use cached image file when parameters are the same for animated gif"
"with contentDispositionType inline Production Mode Server support with next.config.js should automatically detect image type when content-type is octet-stream",
"with contentDispositionType inline Production Mode Server support with next.config.js should compress avif smaller than webp at q=100",
"with contentDispositionType inline Production Mode Server support with next.config.js should compress avif smaller than webp at q=50",
"with contentDispositionType inline Production Mode Server support with next.config.js should compress avif smaller than webp at q=75",
"with contentDispositionType inline Production Mode Server support with next.config.js should downlevel avif format to jpeg for old Safari",
"with contentDispositionType inline Production Mode Server support with next.config.js should downlevel webp format to jpeg for old Safari",
"with contentDispositionType inline Production Mode Server support with next.config.js should emit blur svg when width is 8 in dev but not prod",
"with contentDispositionType inline Production Mode Server support with next.config.js should emit blur svg when width is less than 8 in dev but not prod",
"with contentDispositionType inline Production Mode Server support with next.config.js should error if the image file does not exist",
"with contentDispositionType inline Production Mode Server support with next.config.js should error if the resource isn't a valid image",
"with contentDispositionType inline Production Mode Server support with next.config.js should fail when domain is not defined in next.config.js",
"with contentDispositionType inline Production Mode Server support with next.config.js should fail when internal url is not an image",
"with contentDispositionType inline Production Mode Server support with next.config.js should fail when q is greater than 100",
"with contentDispositionType inline Production Mode Server support with next.config.js should fail when q is less than 1",
"with contentDispositionType inline Production Mode Server support with next.config.js should fail when q is missing",
"with contentDispositionType inline Production Mode Server support with next.config.js should fail when q is not a number",
"with contentDispositionType inline Production Mode Server support with next.config.js should fail when url fails to load an image",
"with contentDispositionType inline Production Mode Server support with next.config.js should fail when url has file protocol",
"with contentDispositionType inline Production Mode Server support with next.config.js should fail when url has ftp protocol",
"with contentDispositionType inline Production Mode Server support with next.config.js should fail when url is missing",
"with contentDispositionType inline Production Mode Server support with next.config.js should fail when w is 0",
"with contentDispositionType inline Production Mode Server support with next.config.js should fail when w is less than 0",
"with contentDispositionType inline Production Mode Server support with next.config.js should fail when w is missing",
"with contentDispositionType inline Production Mode Server support with next.config.js should fail when w is not a number",
"with contentDispositionType inline Production Mode Server support with next.config.js should fail when width is not in next.config.js",
"with contentDispositionType inline Production Mode Server support with next.config.js should handle concurrent requests",
"with contentDispositionType inline Production Mode Server support with next.config.js should handle non-ascii characters in image url",
"with contentDispositionType inline Production Mode Server support with next.config.js should maintain animated gif",
"with contentDispositionType inline Production Mode Server support with next.config.js should maintain animated png",
"with contentDispositionType inline Production Mode Server support with next.config.js should maintain animated png 2",
"with contentDispositionType inline Production Mode Server support with next.config.js should maintain animated webp",
"with contentDispositionType inline Production Mode Server support with next.config.js should maintain bmp",
"with contentDispositionType inline Production Mode Server support with next.config.js should maintain ico format",
"with contentDispositionType inline Production Mode Server support with next.config.js should maintain jpg format for old Safari",
"with contentDispositionType inline Production Mode Server support with next.config.js should maintain png format for old Safari",
"with contentDispositionType inline Production Mode Server support with next.config.js should normalize invalid status codes",
"with contentDispositionType inline Production Mode Server support with next.config.js should not allow svg with application header",
"with contentDispositionType inline Production Mode Server support with next.config.js should not allow svg with comma header",
"with contentDispositionType inline Production Mode Server support with next.config.js should not allow svg with uppercase header",
"with contentDispositionType inline Production Mode Server support with next.config.js should not allow vector svg",
"with contentDispositionType inline Production Mode Server support with next.config.js should not resize if requested width is larger than original source image",
"with contentDispositionType inline Production Mode Server support with next.config.js should resize absolute url from localhost",
"with contentDispositionType inline Production Mode Server support with next.config.js should resize relative url and new Chrome accept header as avif",
"with contentDispositionType inline Production Mode Server support with next.config.js should resize relative url and old Chrome accept header as webp",
"with contentDispositionType inline Production Mode Server support with next.config.js should resize relative url and png accept header",
"with contentDispositionType inline Production Mode Server support with next.config.js should resize relative url and webp Firefox accept header",
"with contentDispositionType inline Production Mode Server support with next.config.js should resize relative url with invalid accept header as gif",
"with contentDispositionType inline Production Mode Server support with next.config.js should resize relative url with invalid accept header as png",
"with contentDispositionType inline Production Mode Server support with next.config.js should resize relative url with invalid accept header as tiff",
"with contentDispositionType inline Production Mode Server support with next.config.js should return home page",
"with contentDispositionType inline Production Mode Server support with next.config.js should set 304 status without body when etag matches if-none-match",
"with contentDispositionType inline Production Mode Server support with next.config.js should use cache and stale-while-revalidate when query is the same for external image",
"with contentDispositionType inline Production Mode Server support with next.config.js should use cache and stale-while-revalidate when query is the same for internal image",
"with contentDispositionType inline Production Mode Server support with next.config.js should use cached image file when parameters are the same for animated gif",
"with contentDispositionType inline dev support with next.config.js should automatically detect image type when content-type is octet-stream",
"with contentDispositionType inline dev support with next.config.js should compress avif smaller than webp at q=100",
"with contentDispositionType inline dev support with next.config.js should compress avif smaller than webp at q=50",
"with contentDispositionType inline dev support with next.config.js should compress avif smaller than webp at q=75",
"with contentDispositionType inline dev support with next.config.js should downlevel avif format to jpeg for old Safari",
"with contentDispositionType inline dev support with next.config.js should downlevel webp format to jpeg for old Safari",
"with contentDispositionType inline dev support with next.config.js should emit blur svg when width is 8 in dev but not prod",
"with contentDispositionType inline dev support with next.config.js should emit blur svg when width is less than 8 in dev but not prod",
"with contentDispositionType inline dev support with next.config.js should error if the image file does not exist",
"with contentDispositionType inline dev support with next.config.js should error if the resource isn't a valid image",
"with contentDispositionType inline dev support with next.config.js should fail when domain is not defined in next.config.js",
"with contentDispositionType inline dev support with next.config.js should fail when internal url is not an image",
"with contentDispositionType inline dev support with next.config.js should fail when q is greater than 100",
"with contentDispositionType inline dev support with next.config.js should fail when q is less than 1",
"with contentDispositionType inline dev support with next.config.js should fail when q is missing",
"with contentDispositionType inline dev support with next.config.js should fail when q is not a number",
"with contentDispositionType inline dev support with next.config.js should fail when url fails to load an image",
"with contentDispositionType inline dev support with next.config.js should fail when url has file protocol",
"with contentDispositionType inline dev support with next.config.js should fail when url has ftp protocol",
"with contentDispositionType inline dev support with next.config.js should fail when url is missing",
"with contentDispositionType inline dev support with next.config.js should fail when w is 0",
"with contentDispositionType inline dev support with next.config.js should fail when w is less than 0",
"with contentDispositionType inline dev support with next.config.js should fail when w is missing",
"with contentDispositionType inline dev support with next.config.js should fail when w is not a number",
"with contentDispositionType inline dev support with next.config.js should fail when width is not in next.config.js",
"with contentDispositionType inline dev support with next.config.js should handle concurrent requests",
"with contentDispositionType inline dev support with next.config.js should handle non-ascii characters in image url",
"with contentDispositionType inline dev support with next.config.js should maintain animated gif",
"with contentDispositionType inline dev support with next.config.js should maintain animated png",
"with contentDispositionType inline dev support with next.config.js should maintain animated png 2",
"with contentDispositionType inline dev support with next.config.js should maintain animated webp",
"with contentDispositionType inline dev support with next.config.js should maintain bmp",
"with contentDispositionType inline dev support with next.config.js should maintain ico format",
"with contentDispositionType inline dev support with next.config.js should maintain jpg format for old Safari",
"with contentDispositionType inline dev support with next.config.js should maintain png format for old Safari",
"with contentDispositionType inline dev support with next.config.js should normalize invalid status codes",
"with contentDispositionType inline dev support with next.config.js should not allow svg with application header",
"with contentDispositionType inline dev support with next.config.js should not allow svg with comma header",
"with contentDispositionType inline dev support with next.config.js should not allow svg with uppercase header",
"with contentDispositionType inline dev support with next.config.js should not allow vector svg",
"with contentDispositionType inline dev support with next.config.js should not resize if requested width is larger than original source image",
"with contentDispositionType inline dev support with next.config.js should resize absolute url from localhost",
"with contentDispositionType inline dev support with next.config.js should resize relative url and new Chrome accept header as avif",
"with contentDispositionType inline dev support with next.config.js should resize relative url and old Chrome accept header as webp",
"with contentDispositionType inline dev support with next.config.js should resize relative url and png accept header",
"with contentDispositionType inline dev support with next.config.js should resize relative url and webp Firefox accept header",
"with contentDispositionType inline dev support with next.config.js should resize relative url with invalid accept header as gif",
"with contentDispositionType inline dev support with next.config.js should resize relative url with invalid accept header as png",
"with contentDispositionType inline dev support with next.config.js should resize relative url with invalid accept header as tiff",
"with contentDispositionType inline dev support with next.config.js should return home page",
"with contentDispositionType inline dev support with next.config.js should set 304 status without body when etag matches if-none-match",
"with contentDispositionType inline dev support with next.config.js should set cache-control to immutable for static images",
"with contentDispositionType inline dev support with next.config.js should use cache and stale-while-revalidate when query is the same for external image",
"with contentDispositionType inline dev support with next.config.js should use cache and stale-while-revalidate when query is the same for internal image",
"with contentDispositionType inline dev support with next.config.js should use cached image file when parameters are the same for animated gif"
],
"failed": [
"with contentDispositionType attachment Production Mode Server support w/o next.config.js should set cache-control to immutable for static images",
"with contentDispositionType attachment Production Mode Server support with next.config.js should set cache-control to immutable for static images"
"with contentDispositionType inline Production Mode Server support w/o next.config.js should set cache-control to immutable for static images",
"with contentDispositionType inline Production Mode Server support with next.config.js should set cache-control to immutable for static images"
],
"pending": [],
"flakey": [],