Nemcio/Grav-Admin-Plugin
1
0
Fork 0
mirror of https://github.com/getgrav/grav-plugin-admin.git synced 2025-10-28 08:46:45 +01:00
Code Issues Packages Projects Releases Activity

Sanitize Page Media

Browse Source
This commit is contained in:
Andy Miller
2019-09-03 12:18:20 -06:00
parent 574bc9e155
commit d41a8be8fa
2 changed files with 7 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
CHANGELOG.md
View File

@@ -2,7 +2,8 @@
## mm/dd/2019 ## mm/dd/2019
1. [](#new) 1. [](#new)
* Add ability to Sanitize SVGs on upload * Add ability to Sanitize SVGs on file upload
* Add ability to Sanitize SVGs in Page media
# v1.10.0-beta.7 # v1.10.0-beta.7
## 08/30/2019 ## 08/30/2019

6
classes/plugin/AdminController.php
View File

@@ -2087,7 +2087,6 @@ class AdminController extends AdminBaseController
return false; return false;
} }
$media = $this->getMedia(); $media = $this->getMedia();
if (!$media) { if (!$media) {
$this->admin->json_response = [ $this->admin->json_response = [
@@ -2105,6 +2104,11 @@ class AdminController extends AdminBaseController
$path = $locator->findResource($path, true, true); $path = $locator->findResource($path, true, true);
} }
// Special Sanitization for SVG
if (Utils::contains($extension, 'svg', false)) {
Security::sanitizeSVG($_FILES['file']['tmp_name']);
}
// Upload it // Upload it
if (!move_uploaded_file($_FILES['file']['tmp_name'], sprintf('%s/%s', $path, $filename))) { if (!move_uploaded_file($_FILES['file']['tmp_name'], sprintf('%s/%s', $path, $filename))) {
$this->admin->json_response = [ $this->admin->json_response = [