The Shopify CDN is returning Content-Type: image/svg+xml even though .jpg is specified
$ http HEAD 'https://cdn.shopify.com/s/files/1/0761/0181/2540/files/3-targetuser.svg.jpg?v=1764822038
HTTP/1.1 200 OK
Content-Type: image/svg+xml
for reference this is what happens when the correct image type is returned
$ http HEAD ‘https://cdn.shopify.com/s/files/1/0761/0181/2540/files/2-function.svg.jpg?v=1764822038’
HTTP/1.1 200 OK
Content-Type: image/jpeg
I’m not if this is the right category for this question. Feel free to let me know if I need to move it!
Bug report
it case it wasn’t clear, format conversion is a feature of the Shopify CDN https://cdn.shopify.com/
jessec
January 21, 2026, 4:57pm
3
I have no experience with this at all, but you have me curious about this behavior, just from one developer to another. A couple thoughts:
That page says “Shopify automatically detects which file formats are supported on the client side and sends the best option” but that leaves a lot of open questions. (Detects how? What’s “best”?) If I use curl one your example image URLs I get image/svg+xml for both no matter what, it seems.
Any chance SVG is just too much for this system to handle as one of those automatically-converted image formats? Rendering as an actual raster image versus just delivering the XML as-is seems like it might be outside the scope of their image format conversion. But, I’m just guessing since they don’t give details!
Edit: Nevermind, with a corrected example URL I see the same behavior @sengming describes.
if you curl https://cdn.shopify.com/s/files/1/0761/0181/2540/files/2-function.svg.jpg?v=1764822038 you’ll get Content-Type: image/jpeg ! That’s how I know it works sometimes.
jessec
January 21, 2026, 5:46pm
5
Wait, you’re right, I see the same thing! The formatting on your first link for the 2-function file includes an extra character in the URL at the end (...038’ with the curly quote in the URL) and with that included the Shopify CDN gives an SVG. If that’s excluded it does give a JPEG like you said. So it definitely is rendering SVG as a raster image… but just for your one file and not the other. Weird.
Hi @sengming , thanks for reaching out.
To confirm I’m understanding correctly: for some .svg.jpg images, the Content-Type response header is image/svg+xml, while for others it’s image/jpeg?
When I curled the headers for both images I got image/jpeg:
Then when I opened the links in my Chrome browser, I got image/svg+xml:
thanks @Paige-Shopify for trying it out. I am getting content-type: image/svg+xml even on curl!
This is what I’m getting
> curl -I https://cdn.shopify.com/s/files/1/0761/0181/2540/files/3-targetuser.svg.jpg\?v\=1764822038
HTTP/2 200
date: Thu, 22 Jan 2026 16:14:23 GMT
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
it’s weird when I do it it’s still stuck at content-type: image/svg+xml. Is it possible to request a purge of this entry? I tried using different v values and still have the same problem.
> curl -I https://cdn.shopify.com/s/files/1/0761/0181/2540/files/3-targetuser.svg.jpg\?v\=67
HTTP/2 200
date: Thu, 22 Jan 2026 16:18:08 GMT
content-type: image/svg+xml
That is strange. Is it that specific image only or other images as well?
In the response headers, you should see an x-request-id . Could you share one of those values with us so we can check our logs?
this is the only time it’s happened to me (so far)
x-request-id: 3ebbd7ad-725a-4058-be1b-fa20f23573a7-1769181708
full headers here:
> curl -I https://cdn.shopify.com/s/files/1/0761/0181/2540/files/3-targetuser.svg.jpg\?v\=1764822039
HTTP/2 200
date: Fri, 23 Jan 2026 15:21:49 GMT
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
content-security-policy: sandbox; report-to csp-reports
link: <https://cdn.shopify.com/s/files/1/0761/0181/2540/files/3-targetuser.svg.jpg>; rel="canonical"
reporting-endpoints: csp-reports="https://security-reports.shopifysvc.com/reporting-api?source_app=cdn-shopify-shop-assets&policy_id=aab9a444-ea1a-4369-a32b-f5a658701a14"
server-timing: imagery;dur=437.095, imageryFetch;dur=216.467, imageryProcess;dur=0.303;desc="image"
source-length: 9063949
source-type: image/svg+xml
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-request-id: 3ebbd7ad-725a-4058-be1b-fa20f23573a7-1769181708
x-shopid: 76101812540
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,gcp-us-central1
last-modified: Fri, 23 Jan 2026 15:21:49 GMT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cg7iv%2BXcCTJXajoyawFZVd27cZCnUDmcZOoyNTJfjMsPJZq1KQhx%2Fw5IxxSoh02qJ69wCyZeSz71qi0TxUgDh8uR6e2RQUtg6mZkNjfj5CCuV%2B1M%2B7q4u3iszVVIwebS2kXSGYOGcPW6LUCK8w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=631.000280
server-timing: ipv6
server: cloudflare
cf-ray: 9c28486e38cc7d02-EWR
alt-svc: h3=":443"; ma=86400
1 Like
Thanks for sharing those!
Interestingly, I was just able to replicate the issue with v=1764822039.
https://cdn.shopify.com/s/files/1/0761/0181/2540/files/3-targetuser.svg.jpg?v=1764822038 = image/jpeghttps://cdn.shopify.com/s/files/1/0761/0181/2540/files/3-targetuser.svg.jpg?v=1764822039 = image/svg+xml
I’m unsure how that would happen so we’re looking into this on our end and will share an update as soon as we have more information.
1 Like
@sengming , we investigated this further and discovered a small issue with .svg to .jpg conversion. A fix for this has now been deployed. Thanks for reporting this issue to us, and please do let us know if you encounter any further issues
1 Like
thanks for all the help @Paige-Shopify !
However, I’m still seeing the same problem (x-request-id: 8dfa4f5c-e507-4f18-b118-52580435748d-1769444494):
Should I wait another day?
❯ curl -I https://cdn.shopify.com/s/files/1/0761/0181/2540/files/3-targetuser.svg.jpg\?v\=1764822039
HTTP/2 200
date: Wed, 28 Jan 2026 18:06:12 GMT
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
content-security-policy: sandbox; report-to csp-reports
link: <https://cdn.shopify.com/s/files/1/0761/0181/2540/files/3-targetuser.svg.jpg>; rel="canonical"
reporting-endpoints: csp-reports="https://security-reports.shopifysvc.com/reporting-api?source_app=cdn-shopify-shop-assets&policy_id=aab9a444-ea1a-4369-a32b-f5a658701a14"
server-timing: imagery;dur=493.733, imageryFetch;dur=231.119, imageryProcess;dur=1.073;desc="image"
source-length: 9063949
source-type: image/svg+xml
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-request-id: 8dfa4f5c-e507-4f18-b118-52580435748d-1769444494
x-shopid: 76101812540
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,gcp-us-east1
last-modified: Mon, 26 Jan 2026 16:21:34 GMT
cf-cache-status: HIT
age: 179078
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=051YGwo%2BEnM%2B8jRzugg13In6i4Ml9mXPIJ0ZCxX5rBqf7r%2Bl0pgbVQWE6Jnyo7P0Osvk7Ojw%2BXk%2FQIyRZ9h5nWeGLyXgqTvApgAHm01BW2oovu02X8LM%2Fq49YPsNgB6uFGR6JIAGGT8dUOR%2FuA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=25.999784
server-timing: ipv6
server: cloudflare
cf-ray: 9c526c218e437283-EWR
alt-svc: h3=":443"; ma=86400
Yes, I recommend waiting another day or so.cf-cache-status: HIT
I’m still seeing the same issue
❯ curl -I https://cdn.shopify.com/s/files/1/0761/0181/2540/files/3-targetuser.svg.jpg\?v\=1764822039
HTTP/2 200
date: Thu, 29 Jan 2026 20:46:25 GMT
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
content-security-policy: sandbox; report-to csp-reports
link: <https://cdn.shopify.com/s/files/1/0761/0181/2540/files/3-targetuser.svg.jpg>; rel="canonical"
reporting-endpoints: csp-reports="https://security-reports.shopifysvc.com/reporting-api?source_app=cdn-shopify-shop-assets&policy_id=aab9a444-ea1a-4369-a32b-f5a658701a14"
server-timing: imagery;dur=493.733, imageryFetch;dur=231.119, imageryProcess;dur=1.073;desc="image"
source-length: 9063949
source-type: image/svg+xml
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-request-id: 8dfa4f5c-e507-4f18-b118-52580435748d-1769444494
x-shopid: 76101812540
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,gcp-us-east1
last-modified: Mon, 26 Jan 2026 16:21:34 GMT
cf-cache-status: HIT
age: 275091
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TVjwE77X3kWfquZvCvotezD%2Fbt0YDe9%2F3YiBzGb3gsXT37urY7ATU4U%2FN9eXKG9JxYaORKKOXhlJWBSfox3L1wYpk9lNs7ZSvHlTf3F05haMgXsz5LfpqqqdML73EpwtWL%2FlFhUBLcmUALBpWg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=13.000011
server-timing: ipv6
server: cloudflare
cf-ray: 9c5b94308a77b886-EWR
alt-svc: h3=":443"; ma=86400
Looks like it’s still hitting the cache. We might have to wait until that cache clears first to confirm.
Hi @Paige-Shopify it’s been a week and I’m still getting the same error. Is there a way to clear the cache?
❯ curl -I https://cdn.shopify.com/s/files/1/0761/0181/2540/files/3-targetuser.svg.jpg\?v\=1764822039
HTTP/2 200
date: Tue, 03 Feb 2026 14:23:06 GMT
content-type: image/jpeg
content-length: 92377
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
content-security-policy: sandbox;
link: <https://cdn.shopify.com/s/files/1/0761/0181/2540/files/3-targetuser.svg.jpg>; rel="canonical"
server-timing: imagery;dur=1135.509, imageryFetch;dur=354.411, imageryProcess;dur=709.684;desc="image"
source-length: 9063949
source-type: image/svg+xml
timing-allow-origin: *
x-content-type-options: nosniff
x-request-id: 5d82b5bf-364c-48f4-a219-e8f91a8773f1-1770128585
x-shopid: 76101812540
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,gcp-us-east1
last-modified: Tue, 03 Feb 2026 14:23:06 GMT
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YlFj1qnNG2M43xuSD22MGtPYfVfYsEDrwnUhA%2Frok5zI4%2F5E6x0MaRHJFztUviE8RrxyRR4JxmoPYIJigX1AD1PS4Fk8B%2B0UrY3mwJ2fTvTe9LB%2FgJElzHHsGb6nUI%2Bqc9Qt7f35qTKh0Rs0uw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=1229.000092
server-timing: ipv6
server: cloudflare
cf-ray: 9c82958c0d3dcdf0-EWR
alt-svc: h3=":443"; ma=86400
I just noticed that it is starting to happening for .gif files too
curl -I 'https://cdn.shopify.com/s/files/1/0641/5784/3670/files/SanrioPocketSmileAssets_1_b2912074-bb5a-4df8-bec5-bcf0e4fd6a61.gif.jpg?v=1765436143'
HTTP/2 200
date: Tue, 03 Feb 2026 19:50:18 GMT
content-type: image/gif
content-length: 555813
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
link: <https://cdn.shopify.com/s/files/1/0641/5784/3670/files/SanrioPocketSmileAssets_1_b2912074-bb5a-4df8-bec5-bcf0e4fd6a61.gif.jpg>; rel="canonical"
server-timing: imagery;dur=54.637, imageryFetch;dur=52.296, imageryProcess;dur=0.082;desc="image"
source-length: 555813
source-type: image/gif
timing-allow-origin: *
vary: Accept
x-content-type-options: nosniff
x-request-id: 03410477-2277-4aea-a17e-2f718030c222-1770090073
x-shopid: 64157843670
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-dc: gcp-us-east1,gcp-us-central1
last-modified: Tue, 03 Feb 2026 03:41:13 GMT
cf-cache-status: HIT
age: 172
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UG%2BRM2WUsreuINHIJOVwSg01fnMHmzfh2ql65pqWM%2BY5Ti2NoQWH7nCv7wexdeV2knqULozMoiyHfDdRwtTCCE4bgTK1Uk4j5c7LrvjiTc2QkQpv5d1hpMlJe8FVJVNVNFq0AaOETrK08xuKKg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server-timing: cfRequestDuration;dur=38.999796
server-timing: ipv6
server: cloudflare
cf-ray: 9c8474df9fb1d923-EWR
alt-svc: h3=":443"; ma=86400
@sengming , it looks like that request actually returned image/jpeg as expected now that it has cf-cache-status: MISS:
Do you have a request ID for a recent request where it didn’t?
Regarding the .gif files, I’ll look into that now. We might need a follow-up fix for this format as well. Let me know if you encounter issues with any other formats in the meantime
yes you’re right about the svg files are now showing as jpeg thanks!!
thanks for looking into the GIF file too.
