Fix: Expanded SVG validation whitelist and additional checks (#11590)

2026-04-26 01:49:26 +00:00 · 2025-12-12 12:04:04 -08:00
parent a1026f03db
commit d9a596d67a
4 changed files with 516 additions and 86 deletions
--- a/src/documents/tests/samples/malicious.svg
+++ b/src/documents/tests/samples/malicious.svg
@@ -1,4 +0,0 @@
-<svg xmlns="http://www.w3.org/2000/svg" width="100" height="100">
-  <text x="10" y="20">Hello</text>
-  <script>alert('XSS')</script>
-</svg>