thumbor: converting to jpeg works, but cached version returns `image/png` headers

Thumbor request URL

The request url for the issue you are having, you can swap the host name with a fake

https://server/1mhIIUmP-IxrUCVx2WyZs7Sx_7c=/141x141/filters:fill(FFFFFF,true):format(jpeg)/images/library/745/Femur_-_posterior_view.png

Expected behaviour

The Content-Type headers should be image/jpeg always.

Actual behaviour

The first request returns Content-Type: image/jpeg. From the 2nd request onwards (when the result file gets cached), the headers are Content-Type: image/png

Operating system

Ubuntu, thumbor running in docker

Your thumbor.conf

################################### Logging ####################################

## Log Format to be used by thumbor when writing log messages.
## Defaults to: %(asctime)s %(name)s:%(levelname)s %(message)s
THUMBOR_LOG_FORMAT = '%(asctime)s %(name)s:%(levelname)s %(message)s'

## Date Format to be used by thumbor when writing log messages.
## Defaults to: %Y-%m-%d %H:%M:%S
THUMBOR_LOG_DATE_FORMAT = '%Y-%m-%d %H:%M:%S'

################################################################################


################################### Imaging ####################################

## Max pixel count for images read by thumbor. Set to prevent decompression bomb DOS attack.
## Defaults to: 75000000 pixels
MAX_PIXELS = 75000000

## Max width in pixels for images read or generated by thumbor
## Defaults to: 0
MAX_WIDTH = 0

## Max height in pixels for images read or generated by thumbor
## Defaults to: 0
MAX_HEIGHT = 0

## Min width in pixels for images read or generated by thumbor
## Defaults to: 1
MIN_WIDTH = 1

## Min width in pixels for images read or generated by thumbor
## Defaults to: 1
MIN_HEIGHT = 1

## Allowed domains for the http loader to download. These are regular
## expressions.
## Defaults to: []
ALLOWED_SOURCES =  []


## Quality index used for generated JPEG images
## Defaults to: 80
QUALITY = 80

## Quality index used for generated WebP images. If not set (None) the same level
## of JPEG quality will be used.
## Defaults to: None
WEBP_QUALITY = None

## Specifies whether WebP format should be used automatically if the request
## accepts it (via Accept header)
## Defaults to: False
AUTO_WEBP = False

## Max AGE sent as a header for the image served by thumbor in seconds
## Defaults to: 86400
MAX_AGE = 86400

## Indicates the Max AGE header in seconds for temporary images (images with
## failed smart detection)
## Defaults to: 0
MAX_AGE_TEMP_IMAGE = 0

## Indicates whether thumbor should rotate images that have an Orientation EXIF
## header
## Defaults to: False
RESPECT_ORIENTATION = False

## Ignore errors during smart detections and return image as a temp image (not
## saved in result storage and with MAX_AGE_TEMP_IMAGE age)
## Defaults to: False
IGNORE_SMART_ERRORS = False

## Preserves exif information in generated images. Increases image size in
## kbytes, use with caution.
## Defaults to: False
PRESERVE_EXIF_INFO = False

## Indicates whether thumbor should enable the EXPERIMENTAL support for animated
## gifs.
## Defaults to: True
ALLOW_ANIMATED_GIFS = True

## Indicates whether thumbor should use gifsicle engine. Please note that smart
## cropping and filters are not supported for gifs using gifsicle (but won't
## give an error).
## Defaults to: False
USE_GIFSICLE_ENGINE = False

## Indicates whether thumbor should enable blacklist functionality to prevent
## processing certain images.
## Defaults to: False
USE_BLACKLIST = False

################################################################################


################################ Extensibility #################################

## The loader thumbor should use to load the original image. This must be the
## full name of a python module (python must be able to import it)
## Defaults to: thumbor.loaders.http_loader
LOADER = 'tc_aws.loaders.s3_loader'

## The file storage thumbor should use to store original images. This must be the
## full name of a python module (python must be able to import it)
## Defaults to: thumbor.storages.file_storage
STORAGE = 'thumbor.storages.mixed_storage'
STORAGE_BUCKET = ''
RESULT_STORAGE_BUCKET = ''


## The result storage thumbor should use to store generated images. This must be
## the full name of a python module (python must be able to import it)
## Defaults to: None

RESULT_STORAGE = 'thumbor.result_storages.file_storage'


## The imaging engine thumbor should use to perform image operations. This must
## be the full name of a python module (python must be able to import it)
## Defaults to: thumbor.engines.pil
ENGINE = 'thumbor.engines.pil'

################################################################################


################################### Security ###################################

## The security key thumbor uses to sign image URLs
## Defaults to: MY_SECURE_KEY
SECURITY_KEY = '****'

## Indicates if the /unsafe URL should be available
## Defaults to: True
ALLOW_UNSAFE_URL = False

## Indicates if encrypted (old style) URLs should be allowed
## Defaults to: True
ALLOW_OLD_URLS = True

## AWS access keys - used in thumbor_aws storage
AWS_ACCESS_KEY = '***'
AWS_SECRET_KEY = '****'

################################################################################


################################# File Loader ##################################

## The root path where the File Loader will try to find images
## Defaults to: /tmp
FILE_LOADER_ROOT_PATH = '/data/loader'

################################################################################


################################# HTTP Loader ##################################

## The maximum number of seconds libcurl can take to connect to an image being
## loaded
## Defaults to: 5
HTTP_LOADER_CONNECT_TIMEOUT = 5

## The maximum number of seconds libcurl can take to download an image
## Defaults to: 20
HTTP_LOADER_REQUEST_TIMEOUT = 20

## Indicates whether libcurl should follow redirects when downloading an image
## Defaults to: True
HTTP_LOADER_FOLLOW_REDIRECTS = True

## Indicates the number of redirects libcurl should follow when downloading an
## image
## Defaults to: 5
HTTP_LOADER_MAX_REDIRECTS = 5

## Indicates whether thumbor should forward the user agent of the requesting user
## Defaults to: False
HTTP_LOADER_FORWARD_USER_AGENT = False

## Default user agent for thumbor http loader requests
## Defaults to: Thumbor/5.0.3
HTTP_LOADER_DEFAULT_USER_AGENT = 'Thumbor/5.0.3'

## The proxy host needed to load images through
## Defaults to: None
HTTP_LOADER_PROXY_HOST = None

## The proxy port for the proxy host
## Defaults to: None
HTTP_LOADER_PROXY_PORT = None

## The proxy username for the proxy host
## Defaults to: None
HTTP_LOADER_PROXY_USERNAME = None

## The proxy password for the proxy host
## Defaults to: None
HTTP_LOADER_PROXY_PASSWORD = None

################################################################################


################################# File Storage #################################

## Expiration in seconds for the images in the File Storage. Defaults to one
## month
## Defaults to: 2592000
STORAGE_EXPIRATION_SECONDS = 604800

## Indicates whether thumbor should store the signing key for each image in the
## file storage. This allows the key to be changed and old images to still be
## properly found
## Defaults to: False
STORES_CRYPTO_KEY_FOR_EACH_IMAGE = False

## The root path where the File Storage will try to find images
## Defaults to: /tmp/thumbor/storage
FILE_STORAGE_ROOT_PATH = '/data/storage'

################################################################################


#################################### Upload ####################################

## Max size in Kb for images uploaded to thumbor
## Aliases: MAX_SIZE
## Defaults to: 0
UPLOAD_MAX_SIZE = 0

## Indicates whether thumbor should enable File uploads
## Aliases: ENABLE_ORIGINAL_PHOTO_UPLOAD
## Defaults to: False
UPLOAD_ENABLED = False

## The type of storage to store uploaded images with
## Aliases: ORIGINAL_PHOTO_STORAGE
## Defaults to: thumbor.storages.file_storage
UPLOAD_PHOTO_STORAGE = 'thumbor.storages.file_storage'

## Indicates whether image deletion should be allowed
## Aliases: ALLOW_ORIGINAL_PHOTO_DELETION
## Defaults to: False
UPLOAD_DELETE_ALLOWED = False

## Indicates whether image overwrite should be allowed
## Aliases: ALLOW_ORIGINAL_PHOTO_PUTTING
## Defaults to: False
UPLOAD_PUT_ALLOWED = False

## Default filename for image uploaded
## Defaults to: image
UPLOAD_DEFAULT_FILENAME = 'image'

################################################################################


############################### MongoDB Storage ################################

## MongoDB storage server host
## Defaults to: localhost
MONGO_STORAGE_SERVER_HOST = 'mongo'

## MongoDB storage server port
## Defaults to: 27017
MONGO_STORAGE_SERVER_PORT = 27017

## MongoDB storage server database name
## Defaults to: thumbor
MONGO_STORAGE_SERVER_DB = 'thumbor'

## MongoDB storage image collection
## Defaults to: images
MONGO_STORAGE_SERVER_COLLECTION = 'images'

################################################################################


################################ Redis Storage #################################

## Redis storage server host
## Defaults to: localhost
REDIS_STORAGE_SERVER_HOST = 'redis'

## Redis storage server port
## Defaults to: 6379
REDIS_STORAGE_SERVER_PORT = 6379

## Redis storage database index
## Defaults to: 0
REDIS_STORAGE_SERVER_DB = 0

## Redis storage server password
## Defaults to: None
REDIS_STORAGE_SERVER_PASSWORD = None

################################################################################


################################ Redis Result Storage #################################

## Redis storage server host
## Defaults to: localhost
REDIS_RESULT_STORAGE_SERVER_HOST = 'redis'

## Redis storage server port
## Defaults to: 6379
REDIS_RESULT_STORAGE_SERVER_PORT = 6379

## Redis storage database index
## Defaults to: 0
REDIS_RESULT_STORAGE_SERVER_DB = 0

## Redis storage server password
## Defaults to: None
REDIS_RESULT_STORAGE_SERVER_PASSWORD = None

################################################################################


############################### Memcache Storage ###############################

## List of Memcache storage server hosts
## Defaults to: ['localhost:11211']
MEMCACHE_STORAGE_SERVERS = ['localhost:11211']


################################################################################


################################ Mixed Storage #################################

## Mixed Storage file storage. This must be the full name of a python module
## (python must be able to import it)
## Defaults to: thumbor.storages.no_storage
MIXED_STORAGE_FILE_STORAGE = 'thumbor.storages.file_storage'

## Mixed Storage signing key storage. This must be the full name of a python
## module (python must be able to import it)
## Defaults to: thumbor.storages.no_storage
MIXED_STORAGE_CRYPTO_STORAGE = 'thumbor.storages.no_storage'

## Mixed Storage detector information storage. This must be the full name of a
## python module (python must be able to import it)
## Defaults to: thumbor.storages.no_storage
MIXED_STORAGE_DETECTOR_STORAGE = 'tc_redis.storages.redis_storage'

################################################################################


##################################### Meta #####################################

## The callback function name that should be used by the META route for JSONP
## access
## Defaults to: None
META_CALLBACK_NAME = None

################################################################################


################################## Detection ###################################

## List of detectors that thumbor should use to find faces and/or features. All
## of them must be full names of python modules (python must be able to import
## it)
## Defaults to: []
#DETECTORS =  [
#'thumbor.detectors.queued_detector.queued_complete_detector',
#'thumbor.detectors.queued_detector.queued_face_detector',
#'thumbor.detectors.queued_detector.queued_feature_detector',
#'thumbor.detectors.feature_detector',
#'thumbor.detectors.face_detector',
#]
DETECTORS = ['thumbor.detectors.queued_detector.queued_complete_detector']

## The cascade file that opencv will use to detect faces
## Defaults to: haarcascade_frontalface_alt.xml
FACE_DETECTOR_CASCADE_FILE = 'haarcascade_frontalface_alt.xml'

################################################################################


################################## Optimizers ##################################

## List of optimizers that thumbor will use to optimize images
## Defaults to: [] --> ['thumbor.optimizers.jpegtran',]
OPTIMIZERS = []


## Path for the jpegtran binary
## Defaults to: /usr/bin/jpegtran
JPEGTRAN_PATH = '/usr/bin/jpegtran'
PROGRESSIVE_JPEG = True

################################################################################


################################### Filters ####################################

## List of filters that thumbor will allow to be used in generated images. All of
## them must be full names of python modules (python must be able to import
## it)
## Defaults to: ['thumbor.filters.brightness', 'thumbor.filters.contrast', 'thumbor.filters.rgb', 'thumbor.filters.round_corner', 'thumbor.filters.quality', 'thumbor.filters.noise', 'thumbor.filters.watermark', 'thumbor.filters.equalize', 'thumbor.filters.fill', 'thumbor.filters.sharpen', 'thumbor.filters.strip_icc', 'thumbor.filters.frame', 'thumbor.filters.grayscale', 'thumbor.filters.rotate', 'thumbor.filters.format', 'thumbor.filters.max_bytes', 'thumbor.filters.convolution', 'thumbor.filters.blur', 'thumbor.filters.extract_focal', 'thumbor.filters.no_upscale']
FILTERS = ['thumbor.filters.brightness', 'thumbor.filters.contrast', 'thumbor.filters.rgb', 'thumbor.filters.round_corner', 'thumbor.filters.quality', 'thumbor.filters.noise', 'thumbor.filters.watermark', 'thumbor.filters.equalize', 'thumbor.filters.fill', 'thumbor.filters.sharpen', 'thumbor.filters.strip_icc', 'thumbor.filters.frame', 'thumbor.filters.grayscale', 'thumbor.filters.rotate', 'thumbor.filters.format', 'thumbor.filters.max_bytes', 'thumbor.filters.convolution', 'thumbor.filters.blur', 'thumbor.filters.extract_focal', 'thumbor.filters.no_upscale']

################################################################################


################################ Result Storage ################################

## Expiration in seconds of generated images in the result storage
## Defaults to: 0
RESULT_STORAGE_EXPIRATION_SECONDS = 14400

## Path where the Result storage will store generated images
## Defaults to: /tmp/thumbor/result_storage
RESULT_STORAGE_FILE_STORAGE_ROOT_PATH = '/data/result_storage'

## Indicates whether unsafe requests should also be stored in the Result Storage
## Defaults to: False
RESULT_STORAGE_STORES_UNSAFE = False

################################################################################


############################ Queued Redis Detector #############################

## Server host for the queued redis detector
## Defaults to: localhost
REDIS_QUEUE_SERVER_HOST = 'redis'

## Server port for the queued redis detector
## Defaults to: 6379
REDIS_QUEUE_SERVER_PORT = 6379

## Server database index for the queued redis detector
## Defaults to: 0
REDIS_QUEUE_SERVER_DB = 0

## Server password for the queued redis detector
## Defaults to: None
REDIS_QUEUE_SERVER_PASSWORD = None

################################################################################


############################# Queued SQS Detector ##############################

## AWS key id
## Defaults to: None
SQS_QUEUE_KEY_ID = None

## AWS key secret
## Defaults to: None
SQS_QUEUE_KEY_SECRET = None

## AWS SQS region
## Defaults to: us-east-1
SQS_QUEUE_REGION = 'us-east-1'

################################################################################


#################################### Errors ####################################

## This configuration indicates whether thumbor should use a custom error
## handler.
## Defaults to: False
USE_CUSTOM_ERROR_HANDLING = False

## Error reporting module. Needs to contain a class called ErrorHandler with a
## handle_error(context, handler, exception) method.
## Defaults to: thumbor.error_handlers.sentry
ERROR_HANDLER_MODULE = 'thumbor.error_handlers.sentry'

## File of error log as json
## Defaults to: None
ERROR_FILE_LOGGER = None

## File of error log name is parametrized with context attribute
## Defaults to: False
ERROR_FILE_NAME_USE_CONTEXT = False

################################################################################


############################### Errors - Sentry ################################

## Sentry thumbor project dsn. i.e.: http://5a63d58ae7b94f1dab3dee740b301d6a:73ee
## a45d3e8649239a973087e8f21f98@localhost:9000/2
## Defaults to:
SENTRY_DSN_URL = 'https://*****'

################################################################################


############################## TC_AWS ##########################################
TC_AWS_REGION = 'eu-west-1' # AWS Region

TC_AWS_STORAGE_BUCKET = '' # S3 bucket for Storage
TC_AWS_STORAGE_ROOT_PATH = '' # S3 path prefix for Storage bucket

TC_AWS_LOADER_BUCKET = 'static.kenhub.com' #S3 bucket for loader
TC_AWS_LOADER_ROOT_PATH = '' # S3 path prefix for Loader bucket

TC_AWS_RESULT_STORAGE_BUCKET = '' # S3 bucket for result Storage
TC_AWS_RESULT_STORAGE_ROOT_PATH = '' # S3 path prefix for Result storage bucket

# put data into S3 using the Server Side Encryption functionality to
# encrypt data at rest in S3
# https://aws.amazon.com/about-aws/whats-new/2011/10/04/amazon-s3-announces-server-side-encryption-support/
TC_AWS_STORAGE_SSE = False

# put data into S3 with Reduced Redundancy
# https://aws.amazon.com/about-aws/whats-new/2010/05/19/announcing-amazon-s3-reduced-redundancy-storage/
TC_AWS_STORAGE_RRS = False


# Enable HTTP Loader as well?
# This would allow you to load watermarks in over your images dynamically through a URI
# E.g.
# http://your-thumbor.com/unsafe/filters:watermark(http://example.com/watermark.png,0,0,50)/s3_bucket/photo.jpg
TC_AWS_ENABLE_HTTP_LOADER = False

TC_AWS_ALLOWED_BUCKETS = False # List of allowed bucket to be requested
TC_AWS_STORE_METADATA = False # Store result with metadata (for instance content-type)
################################################################################