security - Why does Wordpress not permit svg image files by default? -
why can't upload svg image files wordpress(4.2.2) default? when try message:
sorry, file type not permitted security reasons.
i know problem has been around while, , i've used solution in past, https://css-tricks.com/snippets/wordpress/allow-svg-through-wordpress-media-uploader/, :
function cc_mime_types($mimes) { $mimes['svg'] = 'image/svg+xml'; return $mimes; } add_filter('upload_mimes', 'cc_mime_types'); but security implications of allowing behaviour , why has been disabled default?
svg files rich in contain xml , javascript. such, processing of these files riskier processing simpler image formats.
Comments
Post a Comment