Disable SVG Upload

  • Jake Ward

    (@jakeward)


    4 years, 1 month ago

    Hi,

    We have a plugin that has enabled the ability for users to upload SVGs on the site.

    Is there a way we can disable this globally through a php function or other means in order to make more secure?

    Thanks,

Viewing 2 replies - 1 through 2 (of 2 total)
  • Dmitry Litvinov

    (@dmitrylitvinov)

    4 years, 1 month ago

    Hello!

    It will be much easier to study the documentation for the plugin and find out how to disable imports for certain categories of users.

    If your current plugin doesn’t have this option, then I’m sure you can find a more flexible plugin with more options, including limiting users to upload SVGs, or manually verifying each specific file.

    You can use the manual method and write the code yourself. Allows loading SVG and XML such known code (add to functions.php):

    function add_svg_mime_types($mimes) {
    $mimes['svg'] = 'image/svg+xml';
    return $mimes;
}
add_filter('upload_mimes', 'add_svg_mime_types');

    Following its logic, you can continue it to make your own configurations and settings that you need.

    So, to prevent downloading other types of files, for example, mp4, you need to continue the code like this:

    function remove_mime_types($mimes) {
    unset($mimes['video/mp4']);
}
add_filter('upload_mimes', 'remove_mime_types');
    Thread Starter Jake Ward

    (@jakeward)

    4 years, 1 month ago

    Thank you for your reply! However, I’m just loojking for something to disable SVG upload globally to increase security. Or is what you’re suggesting to use the second code block with the unsetting of SVGs?

    Thanks again!

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘Disable SVG Upload’ is closed to new replies.

Tags