WP 4.7.1 Kills SVG

  • Resolved bpisystems

    (@bpisystems)


    7 years, 10 months ago

    Update the WP install to 4.7.1 yesterday.

    Today, went in to upload a modified SVG file for use on the site. WP is throwing an error stating:

    “Sorry, this file type is not permitted for security reasons.”

    I’ve DELETED the plugin, reinstalled, and tested again with the same results.

    This feels more like an issue brought on by the WP update than with the plugin though I have no way to TS the issue.

    The current SVGs on the site display normally. I used scp to drop in an updated version of an existing file into wp-content. While it displays on the admin side, the page itself fails to display the svg image.

    Hope that helps to narrow down where this might be going sideways.

Viewing 4 replies - 46 through 49 (of 49 total)

  • 4.7.1 has broken a lot more than just SVG uploads. Non-image types are passed through finfo_file to attempt to derive their “true” MIME type beyond what WP guesses based on the file name. I appreciate the effort, but PHP’s MIME database is about as incomplete as WordPress’, and often times even when it is correct it returns a different MIME than WordPress would expect for the same type of file (e.g. audio/mp3 vs audio/mpeg).

    Luckily there’s a filter we can hook into to bypass this buggy behavior:

    
function ignore_upload_ext($checked, $file, $filename, $mimes){

	//we only need to worry if WP failed the first pass
	if(!$checked['type']){
		//rebuild the type info
		$wp_filetype = wp_check_filetype( $filename, $mimes );
		$ext = $wp_filetype['ext'];
		$type = $wp_filetype['type'];
		$proper_filename = $filename;

		//preserve failure for non-svg images
		if($type && 0 === strpos($type, 'image/') && $ext !== 'svg'){
			$ext = $type = false;
		}

		//everything else gets an OK, so e.g. we've disabled the error-prone finfo-related checks WP just went through. whether or not the upload will be allowed depends on the <code>upload_mimes</code>, etc.

		$checked = compact('ext','type','proper_filename');
	}

	return $checked;
}
add_filter('wp_check_filetype_and_ext', 'ignore_upload_ext', 10, 4);
    Plugin Author Benbodhi

    (@benbodhi)

    Thanks @blobfolio,

    I have already updated the plugin to work around this issue for now, slightly different to your method, but thank you for the contribution ??

    it’s apen also with all fonts file…
    what I can to do?

    Plugin Author Benbodhi

    (@benbodhi)

    @studioshablona this thread is resolved, please start your own.

Viewing 4 replies - 46 through 49 (of 49 total)
  • The topic ‘WP 4.7.1 Kills SVG’ is closed to new replies.