I have enabled SVG uploads using this code:
add_filter('upload_mimes', function($mimes) {
$mimes['svg'] = 'image/svg+xml';
return $mimes;
});
However, uploads of SVG files that start with the <svg> tag fail with the usual "Sorry, this file type is not permitted for security reasons." error that WordPress displays when SVG uploads are not supported.
If I add <?xml version="1.0" encoding="UTF-8" standalone="no"?> to the file, just before the opening <svg> tag, the upload succeeds.
Why is the XML tag required? Is this requirement normal in WordPress, or is there something wrong with my setup?
I have enabled SVG uploads using this code:
add_filter('upload_mimes', function($mimes) {
$mimes['svg'] = 'image/svg+xml';
return $mimes;
});
However, uploads of SVG files that start with the <svg> tag fail with the usual "Sorry, this file type is not permitted for security reasons." error that WordPress displays when SVG uploads are not supported.
If I add <?xml version="1.0" encoding="UTF-8" standalone="no"?> to the file, just before the opening <svg> tag, the upload succeeds.
Why is the XML tag required? Is this requirement normal in WordPress, or is there something wrong with my setup?
Share Improve this question asked Jun 14, 2019 at 19:08 Theo d'OrTheo d'Or 1782 silver badges6 bronze badges2 Answers
Reset to default 6It seems that in the recent releases of WordPress, changes were made to the mime type handling to make sure that files have the extension they say they do: https://make.wordpress/core/2018/12/13/backwards-compatibility-breaks-in-5-0-1/
This poses an issue for SVG files without the tag in them.
SVG is actually an XML, and WordPress is now requiring to have a line such as
<?xml version="1.0" encoding="utf-8"?>
in an SVG file.
To validate uploads WordPress compares the MIME type of the file to the allowed MIME types for that extension. So when the file is uploaded, WordPress checks for the file extension, .svg, and the file's MIME type. It then these against the allowed MIME type for the .svg extension. If the detected MIME type does not match, then the upload is refused. The purpose of this is to prevent dangerous files being uploaded with a misleading file extension.
The actual detection of the MIME type for the file is ultimately handled by PHP, though. So if your SVG file is not being detected as image/svg+xml, then this is because PHP doesn't recognise it as an SVG file. As you've discovered, it appears that PHP does not recognise files without the <?xml ?> tag as an SVG. It's likely that it thinks the file is an HTML file, text/html. This would be because HTML documents can contain <svg> elements, meaning only way to reliably distinguish between an HTML file with SVG and an actual SVG file is the presence of this tag.
So this is why the tag needs to be included. It's what makes it an image/svg+xml file.
发布者:admin,转转请注明出处:http://www.yc00.com/questions/1745400245a4626066.html
评论列表(0条)