mirror of
https://github.com/go-gitea/gitea
synced 2025-01-24 08:34:28 +00:00
Kd/fix allow svg doctype (#14344)
* make svg regex case-insensitive & use strict word boundary * allow doctype svg * add doctype tests * allow <!DOCTYPE svg> and <svg/>
This commit is contained in:
parent
a21adf92ec
commit
bfd0c47ef6
@ -35,8 +35,8 @@ const sniffLen = 512
|
|||||||
// SVGMimeType MIME type of SVG images.
|
// SVGMimeType MIME type of SVG images.
|
||||||
const SVGMimeType = "image/svg+xml"
|
const SVGMimeType = "image/svg+xml"
|
||||||
|
|
||||||
var svgTagRegex = regexp.MustCompile(`(?s)\A\s*(?:<!--.*?-->\s*)*<svg\b`)
|
var svgTagRegex = regexp.MustCompile(`(?si)\A\s*(?:(<!--.*?-->|<!DOCTYPE\s+svg([\s:]+.*?>|>))\s*)*<svg[\s>\/]`)
|
||||||
var svgTagInXMLRegex = regexp.MustCompile(`(?s)\A<\?xml\b.*?\?>\s*(?:<!--.*?-->\s*)*<svg\b`)
|
var svgTagInXMLRegex = regexp.MustCompile(`(?si)\A<\?xml\b.*?\?>\s*(?:(<!--.*?-->|<!DOCTYPE\s+svg([\s:]+.*?>|>))\s*)*<svg[\s>\/]`)
|
||||||
|
|
||||||
// EncodeMD5 encodes string to md5 hex value.
|
// EncodeMD5 encodes string to md5 hex value.
|
||||||
func EncodeMD5(str string) string {
|
func EncodeMD5(str string) string {
|
||||||
|
@ -216,6 +216,9 @@ func TestIsSVGImageFile(t *testing.T) {
|
|||||||
assert.True(t, IsSVGImageFile([]byte(`<!-- Multiline
|
assert.True(t, IsSVGImageFile([]byte(`<!-- Multiline
|
||||||
Comment -->
|
Comment -->
|
||||||
<svg></svg>`)))
|
<svg></svg>`)))
|
||||||
|
assert.True(t, IsSVGImageFile([]byte(`<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1 Basic//EN"
|
||||||
|
"http://www.w3.org/Graphics/SVG/1.1/DTD/svg11-basic.dtd">
|
||||||
|
<svg></svg>`)))
|
||||||
assert.True(t, IsSVGImageFile([]byte(`<?xml version="1.0" encoding="UTF-8"?>
|
assert.True(t, IsSVGImageFile([]byte(`<?xml version="1.0" encoding="UTF-8"?>
|
||||||
<!-- Comment -->
|
<!-- Comment -->
|
||||||
<svg></svg>`)))
|
<svg></svg>`)))
|
||||||
@ -227,6 +230,11 @@ func TestIsSVGImageFile(t *testing.T) {
|
|||||||
<!-- Multline
|
<!-- Multline
|
||||||
Comment -->
|
Comment -->
|
||||||
<svg></svg>`)))
|
<svg></svg>`)))
|
||||||
|
assert.True(t, IsSVGImageFile([]byte(`<?xml version="1.0" encoding="UTF-8"?>
|
||||||
|
<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd">
|
||||||
|
<!-- Multline
|
||||||
|
Comment -->
|
||||||
|
<svg></svg>`)))
|
||||||
assert.False(t, IsSVGImageFile([]byte{}))
|
assert.False(t, IsSVGImageFile([]byte{}))
|
||||||
assert.False(t, IsSVGImageFile([]byte("svg")))
|
assert.False(t, IsSVGImageFile([]byte("svg")))
|
||||||
assert.False(t, IsSVGImageFile([]byte("<svgfoo></svgfoo>")))
|
assert.False(t, IsSVGImageFile([]byte("<svgfoo></svgfoo>")))
|
||||||
|
Loading…
x
Reference in New Issue
Block a user