Support for WebP

[sudwhiwdh]

What is the feature you think should be a good addition to Dangerzone?

Recently noticed this format while downloading images from the internet. I am wondering if it could be added to the list of supported file formats.

Is your feature request related to a problem? Please describe.

Currently, Dangerzone tells me that this file format is not supported.

[apyrgio]

Hm, good idea. It will be a tad more difficult to add because PyMuPDF (the PDF engine we're using) does not support it natively: https://github.com/pymupdf/PyMuPDF/issues/2417. However, we can introduce another library to do so, such as Pillow.

[sudwhiwdh]

I don't know if this is supportive information to solve this issue: mat2 recently added support for WebP. https://github.com/jvoisin/mat2/releases/tag/0.14.0

[almet]

Thanks for the heads up, this allowed me to have a look at the mat2 code base.

To read the pixel buffer, they use a different library: gdk-pixbuf, which could be installed in our container with the libgdk-pixbuf package and PyGObject, which requires compilation of a C library. I'm actually not sure if this would be a better option than relying on Pillow, which is using pure python to do the same thing. When we pick one option, we should consider the attack surface it offers.

I also took this opportunity to have a look at mat2 codebase, to check if we could benefit from switching from our own mechanism to what is done there, but unfortunately, that's not the case:

While mat2 is sometimes taking the same approach we take: reading the pixel buffers from a file and recreating it, as they're doing for .webp, it's not always the case, and for some other cases they're just opening the file and removing the metadata in it, which really is a different approach, serving a different threat model (opening your files and stripping their metadata versus opening an untrusted file)