Piwigo/include/svg-sanitizer.php
RushLana 2357a86d51 Fixes #2552 - Implement SVG validation
Use https://github.com/darylldoyle/svg-sanitizer to check for malicious code inside svg, throw an error code 415 when triggered in the API.
2026-05-26 14:26:39 +02:00


<?php
require_once( __DIR__ . '/svg-sanitizer/data/AttributeInterface.php' );
require_once( __DIR__ . '/svg-sanitizer/data/TagInterface.php' );
require_once( __DIR__ . '/svg-sanitizer/data/AllowedAttributes.php' );
require_once( __DIR__ . '/svg-sanitizer/data/AllowedTags.php' );
require_once( __DIR__ . '/svg-sanitizer/data/XPath.php' );
require_once( __DIR__ . '/svg-sanitizer/ElementReference/Resolver.php' );
require_once( __DIR__ . '/svg-sanitizer/ElementReference/Subject.php' );
require_once( __DIR__ . '/svg-sanitizer/ElementReference/Usage.php' );
require_once( __DIR__ . '/svg-sanitizer/Exceptions/NestingException.php' );
require_once( __DIR__ . '/svg-sanitizer/Helper.php' );
require_once( __DIR__ . '/svg-sanitizer/Sanitizer.php' );
use enshrined\svgSanitize\Sanitizer;
// Create the Sanitizer instance that validate_svg() uses and publish it as a
// global. The `global` declaration makes the assignment below bind to the
// global scope even when this file is included from inside a function.
// NOTE(review): validate_svg() reuses this single instance for every call;
// confirm that the vendored Sanitizer clears its issue list on each sanitize()
// call, so that findings from one document cannot be reported for the next.
global $sanitizer;
$sanitizer = new Sanitizer();
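/**
 * Check an SVG document with the shared svg-sanitizer instance.
 *
 * The sanitizer is used as a validator only: the cleaned markup it returns is
 * never used, and the document is reported as invalid as soon as the sanitizer
 * records an issue or cannot process the input.
 *
 * @param string $svg_content SVG markup to check
 * @return string empty string when nothing was reported; otherwise the message
 *                of the first reported issue, or a description of the failure
 */
function validate_svg(string $svg_content): string
{
  global $sanitizer;

  try
  {
    $sanitize_status = $sanitizer->sanitize($svg_content);
    $issues = $sanitizer->getXmlIssues();
  }
  catch (Exception $e)
  {
    return 'Exception during scan: '.$e->getMessage();
  }

  if ($issues)
  {
    // Never hand back an empty string once an issue exists: callers treat ''
    // as "document is clean".
    $message = (string) ($issues[0]['message'] ?? '');
    return ($message !== '') ? $message : 'SVG rejected by sanitizer';
  }

  // sanitize() returns false when the library could not load the document as
  // XML. Fail closed in that case even if no issue was recorded, so that an
  // unparseable file is never reported as clean.
  if ($sanitize_status === false)
  {
    return 'SVG could not be parsed';
  }

  return '';
}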