DRCIT/snipe-it
1
0
Fork 0
mirror of https://github.com/snipe/snipe-it.git synced 2024-10-02 21:57:33 -07:00
Code Issues Actions 15 Packages Projects Releases Wiki Activity
4400 commits 92 branches 266 tags 298 MiB
Commit graph

4 commits

Author SHA1 Message Date
snipe e71e57f16a
Fixed XSS vulnerability in SVG image uploads [ch10476] (#7639) 
* Added enshrined/svg-sanitize

* Added modular image resizing/SVG cleaning method

(This already exists in v5, so I mostly ported it forward and added the SVG sanitizer.)

* Use improved handleImages method to upload/resize/clean images

* Removed $old_image

This is handled in the ImageUpload request now
 2019-12-05 22:23:05 -08:00
snipe 103c75e78c Removed max cap in image validation 2018-04-24 03:12:17 -07:00
snipe 4898dd8e23 Use ImageUploadRequest $request on user profile update 2017-12-06 14:42:14 -08:00
snipe fd805bde50 Fixes #1247 - allow SVG logo upload 2016-12-27 17:31:53 -08:00