[wp-trac] [WordPress Trac] #24251: Reconsider SVG inclusion to get_allowed_mime_types
WordPress Trac
noreply at wordpress.org
Thu Jun 13 13:31:57 UTC 2019
#24251: Reconsider SVG inclusion to get_allowed_mime_types
---------------------------+------------------------------
Reporter: JustinSainton | Owner: (none)
Type: enhancement | Status: reopened
Priority: normal | Milestone: Awaiting Review
Component: Upload | Version:
Severity: normal | Resolution:
Keywords: early | Focuses:
---------------------------+------------------------------
Comment (by korwinus):
Replying to [comment:84 Ninos Ego]:
> As administrator it definitely should work. An admin can also edit the
theme- and plugin code with the integrated editor on dashboard. So there's
no argument disabling svg for security reasons.
Yeah exactly. People here talk about security and admin user can
edit/install plugins and theme files directly from admin? Thats not
security risk? I think its more secure to disallow these functions and
install Safe SVG plugin. Who the hell is editing files directly from
administration? No one, just hackers.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/24251#comment:88>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list