getgrav
Cannot save page after SVG upload
When I upload a specific SVG to a custom modular (see comment below), the page will display the following error:
Failed to save entry: SVG file XSS check failed on on_events
TypeError: can't convert undefined to object after using defaultProps
After displaying this error, the page cannot be saved anymore.
Here is the SVG:
I believe that some XSS feature is recognizing that there are "xlink:href" and < defs >. This happened to me because I had exported an SVG that contained "meshes" from Adobe Illustrator.
Now how to resolve this (for me):
- delete the cache folder
- open site in private browser (or delete your cookies / cache of your site). It seems that the error still gets displayed even when the image gets deleted, some information is stored in the browser that causes this infinite message.
- now saving works again
- to reupload the SVG, delete all the < images > in your svg and remove the "< defs >" tags.
Thank you for looking into this. I was not clear enough in my instructions:
- create a custom modular blueprint (here is mine):
title: Offerings
@extends': default
form:
fields:
tabs:
fields:
content:
fields:
section1:
type: section
title: Section 1
fields:
header.image1:
type: file
label: Image
destination: 'self@'
multiple: false
accept:
- image/*
- set a page to modular and add this modular to the page
- upload my svg to this header.image1 field -> the error message should appear
I downloaded latest Grav and was able to reproduce it again.