MDL-72242 files: Do not force text filtering of SVG files

It was a mistake to force filtering of SVG files in MDL-55243. It can easily lead to corrupted SVG files. The patch removes that forced filtering and clarifies the inline comment of what and why we need to do.
crazyserver · Aug 2, 2021 · 079c0b7 · 079c0b7
1 parent dc437b5
commit 079c0b7
Showing 1 changed file with 1 addition and 2 deletions.
diff --git a/lib/filelib.php b/lib/filelib.php
@@ -2529,10 +2529,9 @@ function send_file($path, $filename, $lifetime = null , $filter=0, $pathisstring
         $filename = rawurlencode($filename);
     }
 
-    // We need to force download and force filter the file content for the SVG file.
+    // Make sure we force download of SVG files for security reasons (https://digi.ninja/blog/svg_xss.php).
     if (file_is_svg_image_from_mimetype($mimetype)) {
         $forcedownload = true;
-        $filter = 1;
     }
 
     if ($forcedownload) {