Jump to content

Imageproxy breaks SVG image links


Recommended Posts



Original link:



The reason this fails is because \IPS\Image cannot validate SVG images. The current method you are using attempts to validate images using hex signatures,

		$signatures = array(
			'gif'	=> array(
				'47' . '49' . '46' . '38' . '37' . '61',
				'47' . '49' . '46' . '38' . '39' . '61'
			'jpeg'	=> array(
				'ff' . 'd8' . 'ff'
			'png'	=> array(
				'89' . '50' . '4e' . '47' . '0d' . '0a' . '1a' . '0a'

However, considering SVG is just XML and.. as far as I can tell, really has no solid standard you can reference for validation, I'm not sure how you'd prefer to handle this.

But basically, to reproduce, just link an svg image (feel free to use mine above) in a post and submit it with image proxy enabled.

The image link will first throw a 502 error in imageproxy.php at line 80, then 404's after that since it's still stored in the core_image_proxy table with NULL as its location (and thus, the images remain broken on sites with Imageproxy enabled).

Link to comment
Share on other sites

  • 10 months later...

Bumping as this issue can still arise. See the badge's here as an example:

GitHub GitHub tag (latest by date) GitHub issues GitHub last commit

In this case the issue is Github badges do not have file extensions, so you'll have to check the mimetype instead of just relying on the file extension to prevent these from being parsed.

Link to comment
Share on other sites

Also, the way you're currently handling URL's to parse extensions does not account for query strings. E.g,


Does not work. But,



If you're just checking for SVG, you should be only grabbing the first three characters are the ., not everything. But really, just checking the headers/mimetype is overall a better and more reliable solution. Image links do not always have have valid extensions (and they're not required to, they only need valid mimetypes).

Link to comment
Share on other sites


This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...