Ensure SVG files cannot load external resources via URLs in CSS. More...

Public Member Functions
	checkPresentationalAttribute ( $value)
	entrypoint to check presentational attributes like fill

	checkStyleAttribute (string $value)
	entrypoint to check style="..." attributes

	checkStyleTag ( $value)
	Entrypoint to check <style> tags.

Detailed Description

Ensure SVG files cannot load external resources via URLs in CSS.

Beyond that restriction, it aims to be relaxed in the CSS it allows.

Data: urls are also banned except in @font-face. The rationale behind this is unclear. The restriction was copied over from the predecessor to this class.

Definition at line 18 of file SVGCSSChecker.php.

Member Function Documentation

◆ checkPresentationalAttribute()

MediaWiki\Upload\SVGCSSChecker::checkPresentationalAttribute ( $value )

entrypoint to check presentational attributes like fill

Presentational attributes can contain CSS like values such as url()

Parameters

string $value

Returns: array|bool True if good or array containing error details

Definition at line 83 of file SVGCSSChecker.php.

◆ checkStyleAttribute()

MediaWiki\Upload\SVGCSSChecker::checkStyleAttribute ( string $value )

entrypoint to check style="..." attributes

Parameters

string $value

Returns: array|bool True if good or array containing error details

Definition at line 46 of file SVGCSSChecker.php.

◆ checkStyleTag()

MediaWiki\Upload\SVGCSSChecker::checkStyleTag ( $value )

Entrypoint to check <style> tags.

Note that data urls are allowed in @font-face

Parameters

string $value

Returns: array|bool True if good or array containing error details

Definition at line 109 of file SVGCSSChecker.php.

The documentation for this class was generated from the following file:

includes/Upload/SVGCSSChecker.php

Public Member Functions

Detailed Description

Member Function Documentation

◆ checkPresentationalAttribute()

◆ checkStyleAttribute()

◆ checkStyleTag()