mirror/snipe-it
3
0
Fork 0
mirror of https://github.com/snipe/snipe-it.git synced 2026-02-08 19:15:30 +00:00
Code Issues Projects Releases Wiki Activity
4,354 Commits 87 Branches 232 Tags
cfec142c3bb616dfd2ab1112c37a5ceab7805ad9
Commit Graph

4 Commits

Author SHA1 Message Date
snipe
e71e57f16a Fixed XSS vulnerability in SVG image uploads [ch10476] (#7639) 
* Added enshrined/svg-sanitize

* Added modular image resizing/SVG cleaning method

(This already exists in v5, so I mostly ported it forward and added the SVG sanitizer.)

* Use improved handleImages method to upload/resize/clean images

* Removed $old_image

This is handled in the ImageUpload request now
 2019-12-05 22:23:05 -08:00
snipe
103c75e78c Removed max cap in image validation 2018-04-24 03:12:17 -07:00
snipe
4898dd8e23 Use ImageUploadRequest $request on user profile update 2017-12-06 14:42:14 -08:00
snipe
fd805bde50 Fixes #1247 - allow SVG logo upload 2016-12-27 17:31:53 -08:00