Merge pull request #28 from 10up/fix/proper-type-checking

Better checking of the file type when determining which files are SVGs
10up · Feb 14, 2022 · 00cb9a8 · 00cb9a8
2 parents 8415215 + 44752cf
commit 00cb9a8
Showing 1 changed file with 4 additions and 1 deletion.
diff --git a/safe-svg.php b/safe-svg.php
@@ -105,7 +105,10 @@ public function fix_mime_type_svg( $data = null, $file = null, $filename = null,
          */
         public function check_for_svg( $file ) {
 
-            if ( $file['type'] === 'image/svg+xml' ) {
+            $wp_filetype = wp_check_filetype_and_ext( $file['tmp_name'], $file['name'] );
+            $type        = ! empty( $wp_filetype['type'] ) ? $wp_filetype['type'] : '';
+
+            if ( $type === 'image/svg+xml' ) {
                 if ( ! $this->sanitize( $file['tmp_name'] ) ) {
                     $file['error'] = __( "Sorry, this file couldn't be sanitized so for security reasons wasn't uploaded",
                         'safe-svg' );