---
url: 'https://adk.nht.io/api/@nhtio/adk/batteries/functions/sanitizeMimeType.md'
---

# Function: sanitizeMimeType()

```ts
function sanitizeMimeType(
  raw: string,
  kind?: "document" | "audio" | "image" | "video",
): string;
```

Defined in: [src/batteries/llm/chat\_common/helpers.ts:130](https://github.com/NHTIO/ADK/blob/v1.20260713.1/src/src/batteries/llm/chat_common/helpers.ts#L130)

Validate a media `mimeType` for safe interpolation into a `data:<mime>;base64,…` URI, a
`Blob({type})`, or a synthetic-description line.

## Parameters

| Parameter | Type                                                |
| --------- | --------------------------------------------------- |
| `raw`     | `string`                                            |
| `kind?`   | `"document"` | `"audio"` | `"image"` | `"video"` |

## Returns

`string`

## Remarks

A raw `mimeType` is attacker-influenced (it rides in on user uploads / tool output). The committee's
sharpest finding was a `mimeType` like `image/png;base64,<payload>;x=` — interpolated into
`data:${mime};base64,${b64}` it produces a DOUBLE `;base64,`, letting a permissive data-URI parser
decode the attacker's prefix instead of the real payload (a content-type confusion / injection). A
`\r\n` in the mime is an HTTP-header-injection vector if the URI is ever reflected. We accept ONLY a
strict `type/subtype` (no params, no whitespace, no `;`/`,`); anything else collapses to the kind's
generic safe subtype (so an image still decodes as an image) or `application/octet-stream`.
