Magic number for google Image Format

I am developing (Node.js) my own small procedure to check the file (image) types. So far so good, until I tried to add validation for Google WebP format.

As a guide for Magic Number I have used the file-type library. In their source code they list Magic number for WebP to be (line 45):

0x57, 0x45, 0x42, 0x50

In my library I am using only first two bytes. So I used 0x57 and 0x45 as a reference.

After implementation, I needed a proper image sample. So I dug this out. That is official Google library sample.
But the image I downloaded from there, has a different signature. I am getting:

0x52 and 0x49
I also tried to find Magic Number for WebP, but without success. All I was able to find is this Wiki. But it does not provide Magic Number.

Now I hope you understand my dilemma. What information should I use? The one from the file-type library, or take the information from the downloaded image sample from Google?

To summarise the question, should I use:

0x52 and 0x49 (image signature, downloaded from Google)

or

0x57 and 0x45 (sample from image-type library)

or

something entirely else?

According to Google’s WebP Container Specification, the WebP file header for both the lossy and the lossless formats consists of 12 bytes:

  • The 32-bit RIFF tag, consisting of the four ASCII letters ‘R’, ‘I’, ‘F’, ‘F’, i.e. 0x52, 0x49, 0x46, 0x46.
  • The file size minus 8, specified as a 32-bit unsigned integer in little-endian byte order.
  • The 32-bit WEBP tag, consisting of the four ASCII letters ‘W’, ‘E’, ‘B’, ‘P’, i.e. 0x57, 0x45, 0x42, 0x50.

So your “image signature, downloaded from Google” is obviously the first byte pair of the RIFF tag, while the “sample from image-type library” is the first byte pair of the WEBP tag. WebP images stored in files or transmitted over the internet always comprise the RIFF header, so you should check for the letters ‘R’, ‘I’, i.e. 0x52, 0x49.

Note, however, that checking the first two bytes only is rather inaccurate. A safe signature check would test the first four bytes for ‘RIFF’, skip the four length bytes, then check for ‘WEBP’.