[wp-trac] [WordPress Trac] #24251: Reconsider SVG inclusion to get_allowed_mime_types

WordPress Trac noreply at wordpress.org
Thu Mar 16 05:57:47 UTC 2023 

#24251: Reconsider SVG inclusion to get_allowed_mime_types
---------------------------+------------------------------
 Reporter:  JustinSainton  |       Owner:  (none)
     Type:  enhancement    |      Status:  reopened
 Priority:  normal         |   Milestone:  Awaiting Review
Component:  Upload         |     Version:
 Severity:  normal         |  Resolution:
 Keywords:  early          |     Focuses:
---------------------------+------------------------------

Comment (by oglekler):

 I am using SVG on every single site I am making. And it is not only a
 bundle in theme. As a minimum, all clients have logos in SVG and you need
 to provide an ability to change it. As you know, we have a dedicated place
 in the admin for this one. So, I am just adding needed mime type, it is
 one line hook. But in this case, WordPress is not filtering the content,
 and the absence of this hook is making me (and my clients) a disservice by
 not checking the content. Of course, I know what SVGs I am uploading, but
 next maintenance usually is up to client. I am trying to install fewer
 plugins as possible and make less dependencies (often clients are getting
 their new site and trying new things, installing a lot of stuff, but it is
 up to them what to do with the site even if sometimes it's difficult to
 watch). You can switch off any plugin anyway, so, if the client will want
 to upload something which will be flagged by plugin, he/she will just
 switch it off and find another way, for example add hook I've mentioned
 already into theme functions.php him/herself. I believe that many people
 have the experience when you need to switch off the antivirus program on
 your computer because it's blocking something it shouldn't, and in this
 case, people can believe that this is exactly what is happening.

 I suggest adding filtering for SVG anyway, no matter if SVG will be
 allowed finally or not, plus a flag into Media settings to switch on SVG
 with information user should know about SVG safety.

-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/24251#comment:100>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform

More information about the wp-trac mailing list