Option in global settings or role editor to allow SVG upload

yankiara · April 17, 2023, 9:33am

Hi,

Most of the time I use Happy Files for media organisation, and this plugin has an option to allow SVG upload, which is handy.

But for simple sites or even large sites without too many pictures, I don’t need folders and I would be happy to remove a plugin and allow SVG upload at the same time.

What about an option in settings or role editor ? I think it would suit perfectly in a performance oriented plugin like Cwicly.

Meanwhile, I use this:

function cc_mime_types($mimes) {
  $mimes['svg'] = 'image/svg+xml';
  return $mimes;
}
add_filter('upload_mimes', 'cc_mime_types');

But I don’t know it is secure proof and I wish Cwicly could handle this for me

anon32808828 · April 18, 2023, 5:06am

This request seems to be related. Using SVGs as icons - #5 by dranzer

Your current approach seems unsafe. There is no sanitisation.

yankiara · April 18, 2023, 6:43am

Yes that is precisely why I would like Cwicly to handle it.

Today I use this for sanitization: SVGOMG - SVGO's Missing GUI

Araminta · February 1, 2024, 6:09pm

Hi @yankiara,

Thank you for sharing this request!

This is now possible with 1.4, with the addition of the SVG block:

You can activate SVG uploads from the Role Editor:

Moving to done.