diff --git a/ghost/core/core/server/web/api/middleware/upload.js b/ghost/core/core/server/web/api/middleware/upload.js index 513ebf0453..f543be4641 100644 --- a/ghost/core/core/server/web/api/middleware/upload.js +++ b/ghost/core/core/server/web/api/middleware/upload.js @@ -6,6 +6,7 @@ const errors = require('@tryghost/errors'); const config = require('../../../../shared/config'); const tpl = require('@tryghost/tpl'); const logging = require('@tryghost/logging'); +const {JSDOM} = require('jsdom'); const messages = { db: { @@ -144,14 +145,33 @@ const checkFileExists = (fileData) => { const checkFileIsValid = (fileData, types, extensions) => { const type = fileData.mimetype; - if (types.includes(type) && extensions.includes(fileData.ext)) { return true; } - return false; }; +/** + * + * @param {String} filepath + * @returns {Boolean} + * + * Checks for the presence of + \ No newline at end of file diff --git a/ghost/core/test/utils/fixtures/images/svg-with-script2.svg b/ghost/core/test/utils/fixtures/images/svg-with-script2.svg new file mode 100644 index 0000000000..11a4b938cf --- /dev/null +++ b/ghost/core/test/utils/fixtures/images/svg-with-script2.svg @@ -0,0 +1,6 @@ + + + + + + \ No newline at end of file