path: root/tests/phpunit/data/upload
Commit message | Author | Age | Files | Lines
* upload: Allow attributes starting with "on" in inkscape SVG namespace | Derk-Jan Hartman | 2023-02-13 | 1 | -0/+83

  Inkscape has an attribute only-selected in its namespace which is not interpreted by browsers and should be safe to upload.

  Bug: T288186
  Change-Id: I044f225aef813efc708eb96f588fc55733d165f3

* Relax HTML sniffing checks on image upload | Brion Vibber | 2019-06-07 | 3 | -0/+0

  Allows uploaded files to include some HTML tag strings that were previously forbidden in the first 1k or so of the file:

  * <a href
  * <img
  * <pre
  * <table
  * <title

  They are now allowed as long as the IE MIME type detection heuristic would not change their types.

  This should reduce the number of false positive checks in JPEGs with EXIF data with links. Also deprecates $wgAllowTitlesInSVG and allows it by default.

  This should still protect against malformed PNG attacks on old IE versions, though false positive checks are conceivable on PNG files containing comments very close to the beginning of the file.

  Adds $wgVerifyMimeTypeIE config var to allow disabling the IE checks entirely, if desired, but leaves it in place by default.

  These are more conservative than the checks that were removed.

  Added test cases for the old IE5/6 bug and the particular sort of JPEG metadata that struck false positives previously.

  Bug: T27707
  Change-Id: I66642a74fce1a1894cad67d62b0da61020db469a

* UploadBase: Permit SVG files with broken namespace definition (Inkscape bug) | Bartosz Dziewoński | 2016-10-27 | 5 | -0/+173

  Inkscape mangles namespace definitions created by Adobe Illustrator (apparently it can't parse custom entities or something, maybe just in 'xmlns' attributes). These files are still valid SVG, and not a security issue (although Illustrator probably won't like them), so it's okay to allow them.

  Added tests with some example files.

  * buggynamespace-original.svg
    File generated by Illustrator (edited by hand to reduce filesize). Based on <https://commons.wikimedia.org/w/?curid=16495597>.
  * buggynamespace-okay.svg
    The original file, opened and saved in Inkscape (no other changes).
  * buggynamespace-okay2.svg
    The original file, opened and saved in Inkscape twice.
  * buggynamespace-bad.svg
    The original file, edited by hand to remove custom entities. This is not valid XML and should be rejected (although it's valid when parsed as HTML, and some image viewers might display it).
  * buggynamespace-evilhtml.svg
    An SVG file using an entity declared namespace for a namespace we want to ban. Based on buggynamespace-original.svg.

  Bug: T144827
  Change-Id: I0eb9766cab86a58d729f10033c64f57d2076d917

* Copy various random files used by tests to tests/phpunit/data | Bartosz Dziewoński | 2014-06-03 | 1 | -0/+0

  The tests currently depend on them never being renamed, which is bad. (Actual file data in git is de-duplicated automatically AFAIK.)

  Change-Id: Id2440326981218f9e7d51541a168db59183fdadf