diff --git a/composer.json b/composer.json index 3ab95dc2ff9c9b6f80e8984f67e3b6ea39052d75..7a6fec353ece1e3823244b348103fc07635f66d9 100644 --- a/composer.json +++ b/composer.json @@ -161,7 +161,7 @@ "drupal/social_media": "1.9-rc2", "drupal/social_media_links": "^2.8", "drupal/superfish": "1.4", - "drupal/svg_image": "1.14", + "drupal/svg_image": "1.15", "drupal/token": "1.9", "drupal/twig_tweak": "2.9", "drupal/twitter_block": "3.0-alpha1", diff --git a/composer.lock b/composer.lock index 2e4118d494a5620e6f190fdca6e12d06fffbe3aa..5030d79f85fb24bc4e059e1a700d413e1e38dd40 100644 --- a/composer.lock +++ b/composer.lock @@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "This file is @generated automatically" ], - "content-hash": "dee17df1727a8fa0b885fa33c86cafba", + "content-hash": "5a9bb7559db4b1b83348e4b278aa45d4", "packages": [ { "name": "alchemy/zippy", @@ -7149,17 +7149,17 @@ }, { "name": "drupal/svg_image", - "version": "1.14.0", + "version": "1.15.0", "source": { "type": "git", "url": "https://git.drupalcode.org/project/svg_image.git", - "reference": "8.x-1.14" + "reference": "8.x-1.15" }, "dist": { "type": "zip", - "url": "https://ftp.drupal.org/files/projects/svg_image-8.x-1.14.zip", - "reference": "8.x-1.14", - "shasum": "0a6ca8104995a8cf4a1fff3e9e04e1fecf734b11" + "url": "https://ftp.drupal.org/files/projects/svg_image-8.x-1.15.zip", + "reference": "8.x-1.15", + "shasum": "368d0189bb3c59ea40cf52d83c8551b6358aa161" }, "require": { "drupal/core": "^8 || ^9", @@ -7168,8 +7168,8 @@ "type": "drupal-module", "extra": { "drupal": { - "version": "8.x-1.14", - "datestamp": "1591251834", + "version": "8.x-1.15", + "datestamp": "1629259130", "security-coverage": { "status": "covered", "message": "Covered by Drupal's security advisory policy" 
@@ -8335,25 +8335,26 @@ }, { "name": "enshrined/svg-sanitize", - "version": "0.13.3", + "version": "0.14.1", "source": { "type": "git", "url": "https://github.com/darylldoyle/svg-sanitizer.git", - "reference": "bc66593f255b7d2613d8f22041180036979b6403" + "reference": "307b42066fb0b76b5119f5e1f0826e18fefabe95" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/darylldoyle/svg-sanitizer/zipball/bc66593f255b7d2613d8f22041180036979b6403", - "reference": "bc66593f255b7d2613d8f22041180036979b6403", + "url": "https://api.github.com/repos/darylldoyle/svg-sanitizer/zipball/307b42066fb0b76b5119f5e1f0826e18fefabe95", + "reference": "307b42066fb0b76b5119f5e1f0826e18fefabe95", "shasum": "" }, "require": { "ext-dom": "*", - "ext-libxml": "*" + "ext-libxml": "*", + "php": "^7.0 || ^8.0" }, "require-dev": { "codeclimate/php-test-reporter": "^0.1.2", - "phpunit/phpunit": "^6" + "phpunit/phpunit": "^6.5 || ^8.5" }, "type": "library", "autoload": { @@ -8374,9 +8375,9 @@ "description": "An SVG sanitizer for PHP", "support": { "issues": "https://github.com/darylldoyle/svg-sanitizer/issues", - "source": "https://github.com/darylldoyle/svg-sanitizer/tree/develop" + "source": "https://github.com/darylldoyle/svg-sanitizer/tree/0.14.1" }, - "time": "2020-01-20T01:34:17+00:00" + "time": "2021-08-09T23:46:54+00:00" }, { "name": "enyo/dropzone", diff --git a/vendor/composer/installed.json b/vendor/composer/installed.json index c3d3fbae53f5db3b3205afd9251efd7cf7131e8f..c4cfb6be5c0a259d98d3032f14bfd8a35836359d 100644 --- a/vendor/composer/installed.json +++ b/vendor/composer/installed.json 
@@ -7439,18 +7439,18 @@ }, { "name": "drupal/svg_image", - "version": "1.14.0", - "version_normalized": "1.14.0.0", + "version": "1.15.0", + "version_normalized": "1.15.0.0", "source": { "type": "git", "url": "https://git.drupalcode.org/project/svg_image.git", - "reference": "8.x-1.14" + "reference": "8.x-1.15" }, "dist": { "type": "zip", - "url": "https://ftp.drupal.org/files/projects/svg_image-8.x-1.14.zip", - "reference": "8.x-1.14", - "shasum": "0a6ca8104995a8cf4a1fff3e9e04e1fecf734b11" + "url": "https://ftp.drupal.org/files/projects/svg_image-8.x-1.15.zip", + "reference": "8.x-1.15", + "shasum": "368d0189bb3c59ea40cf52d83c8551b6358aa161" }, "require": { "drupal/core": "^8 || ^9", @@ -7459,8 +7459,8 @@ "type": "drupal-module", "extra": { "drupal": { - "version": "8.x-1.14", - "datestamp": "1591251834", + "version": "8.x-1.15", + "datestamp": "1629259130", "security-coverage": { "status": "covered", "message": "Covered by Drupal's security advisory policy" 
@@ -8678,28 +8678,29 @@ }, { "name": "enshrined/svg-sanitize", - "version": "0.13.3", - "version_normalized": "0.13.3.0", + "version": "0.14.1", + "version_normalized": "0.14.1.0", "source": { "type": "git", "url": "https://github.com/darylldoyle/svg-sanitizer.git", - "reference": "bc66593f255b7d2613d8f22041180036979b6403" + "reference": "307b42066fb0b76b5119f5e1f0826e18fefabe95" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/darylldoyle/svg-sanitizer/zipball/bc66593f255b7d2613d8f22041180036979b6403", - "reference": "bc66593f255b7d2613d8f22041180036979b6403", + "url": "https://api.github.com/repos/darylldoyle/svg-sanitizer/zipball/307b42066fb0b76b5119f5e1f0826e18fefabe95", + "reference": "307b42066fb0b76b5119f5e1f0826e18fefabe95", "shasum": "" }, "require": { "ext-dom": "*", - "ext-libxml": "*" + "ext-libxml": "*", + "php": "^7.0 || ^8.0" }, "require-dev": { "codeclimate/php-test-reporter": "^0.1.2", - "phpunit/phpunit": "^6" + "phpunit/phpunit": "^6.5 || ^8.5" }, - "time": "2020-01-20T01:34:17+00:00", + "time": "2021-08-09T23:46:54+00:00", "type": "library", "installation-source": "dist", "autoload": { @@ -8718,6 +8719,10 @@ } ], "description": "An SVG sanitizer for PHP", + "support": { + "issues": "https://github.com/darylldoyle/svg-sanitizer/issues", + "source": "https://github.com/darylldoyle/svg-sanitizer/tree/0.14.1" + }, "install-path": "../enshrined/svg-sanitize" }, { diff --git a/vendor/composer/installed.php b/vendor/composer/installed.php index ddc65fc6a3bbd8b9aa0b61b9f468a5381a77d3f8..be929ad0fdaadd8b7d7abb11a097b3c4434ad7a2 100644 --- a/vendor/composer/installed.php +++ b/vendor/composer/installed.php @@ -5,7 +5,7 @@ 'type' => 'project', 'install_path' => __DIR__ . '/../../', 'aliases' => array(), - 'reference' => 'df61ac4c80357a6ff9e6e56957f55630f42d3212', + 'reference' => 'b1aa9db618db05fa20645711143c5efd92e8829d', 'name' => 'osu-asc-webservices/d8-upstream', 'dev' => true, ), 
@@ -1640,12 +1640,12 @@ 'dev_requirement' => false, ), 'drupal/svg_image' => array( - 'pretty_version' => '1.14.0', - 'version' => '1.14.0.0', + 'pretty_version' => '1.15.0', + 'version' => '1.15.0.0', 'type' => 'drupal-module', 'install_path' => __DIR__ . '/../../web/modules/svg_image', 'aliases' => array(), - 'reference' => '8.x-1.14', + 'reference' => '8.x-1.15', 'dev_requirement' => false, ), 'drupal/syslog' => array( @@ -1886,12 +1886,12 @@ 'dev_requirement' => false, ), 'enshrined/svg-sanitize' => array( - 'pretty_version' => '0.13.3', - 'version' => '0.13.3.0', + 'pretty_version' => '0.14.1', + 'version' => '0.14.1.0', 'type' => 'library', 'install_path' => __DIR__ . '/../enshrined/svg-sanitize', 'aliases' => array(), - 'reference' => 'bc66593f255b7d2613d8f22041180036979b6403', + 'reference' => '307b42066fb0b76b5119f5e1f0826e18fefabe95', 'dev_requirement' => false, ), 'enyo/dropzone' => array( @@ -2104,7 +2104,7 @@ 'type' => 'project', 'install_path' => __DIR__ . '/../../', 'aliases' => array(), - 'reference' => 'df61ac4c80357a6ff9e6e56957f55630f42d3212', + 'reference' => 'b1aa9db618db05fa20645711143c5efd92e8829d', 'dev_requirement' => false, ), 'pantheon-systems/quicksilver-pushback' => array( diff --git a/vendor/enshrined/svg-sanitize/.github/workflows/tests.yml b/vendor/enshrined/svg-sanitize/.github/workflows/tests.yml new file mode 100644 index 0000000000000000000000000000000000000000..323c154d2f6b2adbb010274b2e828e56068d2185 --- /dev/null +++ b/vendor/enshrined/svg-sanitize/.github/workflows/tests.yml 
@@ -0,0 +1,36 @@ +name: Tests + +on: [push, pull_request] + +jobs: + build: + runs-on: ubuntu-latest + + strategy: + matrix: + php: ['7.0', '7.1', '7.2', '7.3', '7.4', '8.0'] + fail-fast: false + + steps: + - uses: actions/checkout@v2 + + - name: Setup PHP + uses: shivammathur/setup-php@v2 + with: + php-version: ${{ matrix.php }} + tools: composer:v2 + + - name: Validate composer.json and composer.lock + run: composer validate + +# - name: Lint PHP +# uses: overtrue/phplint@7.4 +# with: +# path: . +# options: --exclude=vendor + + - name: Install dependencies + run: composer install --prefer-dist --no-progress + + - name: Run test suite + run: composer run-script test diff --git a/vendor/enshrined/svg-sanitize/.gitignore b/vendor/enshrined/svg-sanitize/.gitignore index ccee11c594d4f23b11459c461a68a26d8d6c7e14..1c48129f854d3719551a23d464440f121d00cd57 100644 --- a/vendor/enshrined/svg-sanitize/.gitignore +++ b/vendor/enshrined/svg-sanitize/.gitignore @@ -1,4 +1,5 @@ /vendor /build /.idea -composer.lock \ No newline at end of file +/.phpunit.result.cache +composer.lock diff --git a/vendor/enshrined/svg-sanitize/composer.json b/vendor/enshrined/svg-sanitize/composer.json index ed475560e3850871e2f2005621e759c1aa4044d8..8253fdcfb665234ac10c971b739c7b68f8b38368 100644 --- a/vendor/enshrined/svg-sanitize/composer.json +++ b/vendor/enshrined/svg-sanitize/composer.json @@ -8,6 +8,9 @@ "email": "daryll@enshrined.co.uk" } ], + "scripts": { + "test": "phpunit --no-coverage" + }, "autoload": { "psr-4": { "enshrined\\svgSanitize\\": "src" @@ -18,13 +21,13 @@ "enshrined\\svgSanitize\\Tests\\": "tests" } }, - "minimum-stability": "stable", "require": { "ext-dom": "*", - "ext-libxml": "*" + "ext-libxml": "*", + "php": "^7.0 || ^8.0" }, "require-dev": { - "phpunit/phpunit": "^6", + "phpunit/phpunit": "^6.5 || ^8.5", "codeclimate/php-test-reporter": "^0.1.2" } } 
diff --git a/vendor/enshrined/svg-sanitize/phpunit.xml b/vendor/enshrined/svg-sanitize/phpunit.xml index d6a4a062eea87a39d31af517a3253d05536c0b12..c406b238843e28cdfe8a3d924463f561afeea055 100644 --- a/vendor/enshrined/svg-sanitize/phpunit.xml +++ b/vendor/enshrined/svg-sanitize/phpunit.xml @@ -1,8 +1,7 @@ <?xml version="1.0" encoding="UTF-8"?> <phpunit bootstrap="vendor/autoload.php" colors="true" - stopOnFailure="false" - syntaxCheck="false"> + stopOnFailure="false"> <testsuites> <testsuite name="The project's test suite"> @@ -19,4 +18,4 @@ <directory suffix=".php">./src</directory> </whitelist> </filter> -</phpunit> \ No newline at end of file +</phpunit> diff --git a/vendor/enshrined/svg-sanitize/src/Sanitizer.php b/vendor/enshrined/svg-sanitize/src/Sanitizer.php index 16f562facd770262ce77d2c93cb96e5562e2c1b6..58c8111848d4dd4cb1770c2afe54ce814faef490 100644 --- a/vendor/enshrined/svg-sanitize/src/Sanitizer.php +++ b/vendor/enshrined/svg-sanitize/src/Sanitizer.php @@ -208,8 +208,6 @@ public function sanitize($dirty) return false; } - $this->removeDoctype(); - // Pre-process all identified elements $xPath = new XPath($this->xmlDocument); $this->elementReferenceResolver = new Resolver($xPath, $this->useNestingLimit); @@ -219,6 +217,8 @@ public function sanitize($dirty) // Grab all the elements $allElements = $this->xmlDocument->getElementsByTagName("*"); + // remove doctype after node elements have been analyzed + $this->removeDoctype(); // Start the cleaning proccess $this->startClean($allElements, $elementsToRemove); 
@@ -245,8 +245,12 @@ public function sanitize($dirty) */ protected function setUpBefore() { - // Turn off the entity loader - $this->xmlLoaderValue = libxml_disable_entity_loader(true); + // This function has been deprecated in PHP 8.0 because in libxml 2.9.0, external entity loading is + // disabled by default, so this function is no longer needed to protect against XXE attacks. + if (\LIBXML_VERSION < 20900) { + // Turn off the entity loader + $this->xmlLoaderValue = libxml_disable_entity_loader(true); + } // Suppress the errors because we don't really have to worry about formation before cleansing libxml_use_internal_errors(true); @@ -260,8 +264,12 @@ protected function setUpBefore() */ protected function resetAfter() { - // Reset the entity loader - libxml_disable_entity_loader($this->xmlLoaderValue); + // This function has been deprecated in PHP 8.0 because in libxml 2.9.0, external entity loading is + // disabled by default, so this function is no longer needed to protect against XXE attacks. + if (\LIBXML_VERSION < 20900) { + // Reset the entity loader + libxml_disable_entity_loader($this->xmlLoaderValue); + } } /** @@ -435,6 +443,11 @@ protected function cleanHrefs(\DOMElement $element) */ protected function isHrefSafeValue($value) { + // Allow empty values + if (empty($value)) { + return true; + } + // Allow fragment identifiers. if ('#' === substr($value, 0, 1)) { return true; diff --git a/vendor/enshrined/svg-sanitize/src/svg-scanner.php b/vendor/enshrined/svg-sanitize/src/svg-scanner.php index 0da242f8c7c2f0b88835b81ec13643741a6ff8ef..e5007713c660b82656168036069dad800e1259d6 100644 --- a/vendor/enshrined/svg-sanitize/src/svg-scanner.php +++ b/vendor/enshrined/svg-sanitize/src/svg-scanner.php 
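Review bot: With the `\LIBXML_VERSION < 20900` guard in setUpBefore(), builds against libxml 2.9.0 or later no longer switch the entity loader off, so protection there rests entirely on the parser flags used when the document is loaded, and that load call is outside this hunk. It is worth confirming that the load never passes `LIBXML_NOENT` or `LIBXML_DTDLOAD`, and recording that next to the guard, e.g. `// On libxml >= 2.9.0 we rely on external entities not being loaded by default; never pass LIBXML_NOENT when loading.` The same guard and the same two-line comment are repeated in the resetAfter() hunk that follows. `$this->xmlLoaderValue` stays unset on the skipped path, which is safe only while both guards use the identical condition.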
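Review bot: `empty($value)` in isHrefSafeValue() is also true for the string `'0'`, so an href of `0` is accepted as "empty" instead of going through the checks that follow. If only a missing or blank attribute is meant, compare explicitly: `if ($value === null || $value === '') {`. The rest of the function lies outside this hunk, so whether a bare `0` would otherwise be rejected cannot be confirmed from here.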
@@ -12,9 +12,14 @@ require_once( __DIR__ . '/data/TagInterface.php' ); require_once( __DIR__ . '/data/AllowedAttributes.php' ); require_once( __DIR__ . '/data/AllowedTags.php' ); +require_once( __DIR__ . '/data/XPath.php' ); +require_once( __DIR__ . '/ElementReference/Resolver.php' ); +require_once( __DIR__ . '/ElementReference/Subject.php' ); +require_once( __DIR__ . '/ElementReference/Usage.php' ); +require_once( __DIR__ . '/Exceptions/NestingException.php' ); +require_once( __DIR__ . '/Helper.php' ); require_once( __DIR__ . '/Sanitizer.php' ); - /* * Print array as JSON and then * exit program with a particular diff --git a/vendor/enshrined/svg-sanitize/tests/AllowedAttributesTest.php b/vendor/enshrined/svg-sanitize/tests/AllowedAttributesTest.php index 16423be60fd305347aaa97c49d63936f493a12ac..a3ed8905b90f87c4c358fe1866b39bf24aa8694c 100644 --- a/vendor/enshrined/svg-sanitize/tests/AllowedAttributesTest.php +++ b/vendor/enshrined/svg-sanitize/tests/AllowedAttributesTest.php @@ -9,26 +9,13 @@ */ class AllowedAttributesTest extends TestCase { - - /** - * @var AllowedAttributes - */ - protected $class; - - /** - * Set up the test class - */ - public function setUp() - { - $this->class = new AllowedAttributes(); - } - /** * Test that the class implements the interface */ public function testItImplementsTheInterface() { - $this->assertInstanceOf('enshrined\svgSanitize\data\AttributeInterface', $this->class); + $class = new AllowedAttributes(); + self::assertInstanceOf('enshrined\svgSanitize\data\AttributeInterface', $class); } /** @@ -37,7 +24,6 @@ public function testItImplementsTheInterface() public function testThatItReturnsAnArray() { $result = AllowedAttributes::getAttributes(); - - $this->assertInternalType('array', $result); + self::assertSame('array', gettype($result)); } -} \ No newline at end of file +} 
diff --git a/vendor/enshrined/svg-sanitize/tests/AllowedTagsTest.php b/vendor/enshrined/svg-sanitize/tests/AllowedTagsTest.php index 111eefb3325709238943d333f9f2d146ebe71026..2bc3e8c70b43b7b4b661447640fc98e4e09f3dae 100644 --- a/vendor/enshrined/svg-sanitize/tests/AllowedTagsTest.php +++ b/vendor/enshrined/svg-sanitize/tests/AllowedTagsTest.php @@ -9,26 +9,13 @@ */ class AllowedTagsTest extends TestCase { - - /** - * @var AllowedTags - */ - protected $class; - - /** - * Set up the test class - */ - public function setUp() - { - $this->class = new AllowedTags(); - } - /** * Test that the class implements the interface */ public function testItImplementsTheInterface() { - $this->assertInstanceOf('enshrined\svgSanitize\data\TagInterface', $this->class); + $class = new AllowedTags(); + self::assertInstanceOf('enshrined\svgSanitize\data\TagInterface', $class); } /** @@ -37,7 +24,6 @@ public function testItImplementsTheInterface() public function testThatItReturnsAnArray() { $result = AllowedTags::getTags(); - - $this->assertInternalType('array', $result); + self::assertSame('array', gettype($result)); } -} \ No newline at end of file +} diff --git a/vendor/enshrined/svg-sanitize/tests/SanitizerTest.php b/vendor/enshrined/svg-sanitize/tests/SanitizerTest.php index c27a174e4ed2e86cbd9757b905796a6ae8ee4caf..c5536b8a3ffb37b73d9b700a3f8785112a608551 100644 --- a/vendor/enshrined/svg-sanitize/tests/SanitizerTest.php +++ b/vendor/enshrined/svg-sanitize/tests/SanitizerTest.php 
@@ -11,32 +11,15 @@ */ class SanitizerTest extends TestCase { - /** - * @var Sanitizer - */ - protected $class; - - /** - * Set up the test class - */ - protected function setUp() - { - $this->class = new Sanitizer(); - } - - protected function tearDown() - { - unset($this->class); - } - /** * Make sure the initial tags are loaded */ public function testLoadDefaultTags() { - $tags = $this->class->getAllowedTags(); + $sanitizer = new Sanitizer(); + $tags = $sanitizer->getAllowedTags(); - $this->assertInternalType('array', $tags); + self::assertSame('array', gettype($tags)); } /** @@ -44,9 +27,10 @@ public function testLoadDefaultTags() */ public function testLoadDefaultAttributes() { - $attributes = $this->class->getAllowedAttrs(); + $sanitizer = new Sanitizer(); + $attributes = $sanitizer->getAllowedAttrs(); - $this->assertInternalType('array', $attributes); + self::assertSame('array', gettype($attributes)); } /** @@ -54,13 +38,12 @@ public function testLoadDefaultAttributes() */ public function testSetCustomTags() { - $this->class->setAllowedTags(new TestAllowedTags()); - - $tags = $this->class->getAllowedTags(); - - $this->assertInternalType('array', $tags); + $sanitizer = new Sanitizer(); + $sanitizer->setAllowedTags(new TestAllowedTags()); + $tags = $sanitizer->getAllowedTags(); - $this->assertEquals(array_map('strtolower', TestAllowedTags::getTags()), $tags); + self::assertSame('array', gettype($tags)); + self::assertSame(array_map('strtolower', TestAllowedTags::getTags()), $tags); } /** 
@@ -68,13 +51,12 @@ public function testSetCustomTags() */ public function testSetCustomAttributes() { - $this->class->setAllowedAttrs(new TestAllowedAttributes()); + $sanitizer = new Sanitizer(); + $sanitizer->setAllowedAttrs(new TestAllowedAttributes()); + $attributes = $sanitizer->getAllowedAttrs(); - $attributes = $this->class->getAllowedAttrs(); - - $this->assertInternalType('array', $attributes); - - $this->assertEquals( array_map('strtolower', TestAllowedAttributes::getAttributes()), $attributes); + self::assertSame('array', gettype($attributes)); + self::assertSame( array_map('strtolower', TestAllowedAttributes::getAttributes()), $attributes); } /** @@ -86,9 +68,10 @@ public function testSanitizeXMLDoc() $initialData = file_get_contents($dataDirectory . '/xmlTestOne.xml'); $expected = file_get_contents($dataDirectory . '/xmlCleanOne.xml'); - $cleanData = $this->class->sanitize($initialData); + $sanitizer = new Sanitizer(); + $cleanData = $sanitizer->sanitize($initialData); - $this->assertXmlStringEqualsXmlString($expected, $cleanData); + self::assertXmlStringEqualsXmlString($expected, $cleanData); } /** @@ -100,9 +83,10 @@ public function testSanitizeSVGDoc() $initialData = file_get_contents($dataDirectory . '/svgTestOne.svg'); $expected = file_get_contents($dataDirectory . '/svgCleanOne.svg'); - $cleanData = $this->class->sanitize($initialData); + $sanitizer = new Sanitizer(); + $cleanData = $sanitizer->sanitize($initialData); - $this->assertXmlStringEqualsXmlString($expected, $cleanData); + self::assertXmlStringEqualsXmlString($expected, $cleanData); } /** @@ -113,9 +97,10 @@ public function testBadXMLReturnsFalse() $dataDirectory = __DIR__ . '/data'; $initialData = file_get_contents($dataDirectory . '/badXmlTestOne.svg'); - $cleanData = $this->class->sanitize($initialData); + $sanitizer = new Sanitizer(); + $cleanData = $sanitizer->sanitize($initialData); - $this->assertEquals(false, $cleanData); + self::assertSame(false, $cleanData); } /** 
@@ -127,9 +112,10 @@ public function testSanitizeHrefs() $initialData = file_get_contents($dataDirectory . '/hrefTestOne.svg'); $expected = file_get_contents($dataDirectory . '/hrefCleanOne.svg'); - $cleanData = $this->class->sanitize($initialData); + $sanitizer = new Sanitizer(); + $cleanData = $sanitizer->sanitize($initialData); - $this->assertXmlStringEqualsXmlString($expected, $cleanData); + self::assertXmlStringEqualsXmlString($expected, $cleanData); } /** @@ -141,9 +127,10 @@ public function testSanitizeHrefsNoXlinkNamespace() $initialData = file_get_contents($dataDirectory . '/hrefTestTwo.svg'); $expected = file_get_contents($dataDirectory . '/hrefCleanTwo.svg'); - $cleanData = $this->class->sanitize($initialData); + $sanitizer = new Sanitizer(); + $cleanData = $sanitizer->sanitize($initialData); - $this->assertXmlStringEqualsXmlString($expected, $cleanData); + self::assertXmlStringEqualsXmlString($expected, $cleanData); } /** @@ -155,11 +142,11 @@ public function testSanitizeExternal() $initialData = file_get_contents($dataDirectory . '/externalTest.svg'); $expected = file_get_contents($dataDirectory . '/externalClean.svg'); - $this->class->removeRemoteReferences(true); - $cleanData = $this->class->sanitize($initialData); - $this->class->removeRemoteReferences(false); + $sanitizer = new Sanitizer(); + $sanitizer->removeRemoteReferences(true); + $cleanData = $sanitizer->sanitize($initialData); - $this->assertXmlStringEqualsXmlString($expected, $cleanData); + self::assertXmlStringEqualsXmlString($expected, $cleanData); } /** 
@@ -171,11 +158,11 @@ public function testSanitizeAndMinifiySVGDoc() $initialData = file_get_contents($dataDirectory . '/svgTestOne.svg'); $expected = file_get_contents($dataDirectory . '/svgCleanOneMinified.svg'); - $this->class->minify(true); - $cleanData = $this->class->sanitize($initialData); - $this->class->minify(false); + $sanitizer = new Sanitizer(); + $sanitizer->minify(true); + $cleanData = $sanitizer->sanitize($initialData); - $this->assertXmlStringEqualsXmlString($expected, $cleanData); + self::assertXmlStringEqualsXmlString($expected, $cleanData); } /** @@ -187,11 +174,11 @@ public function testThatAriaAndDataAttributesAreAllowed() $initialData = file_get_contents($dataDirectory . '/ariaDataTest.svg'); $expected = file_get_contents($dataDirectory . '/ariaDataClean.svg'); - $this->class->minify(false); - $cleanData = $this->class->sanitize($initialData); - $this->class->minify(false); + $sanitizer = new Sanitizer(); + $sanitizer->minify(false); + $cleanData = $sanitizer->sanitize($initialData); - $this->assertXmlStringEqualsXmlString($expected, $cleanData); + self::assertXmlStringEqualsXmlString($expected, $cleanData); } /** @@ -203,11 +190,11 @@ public function testThatExternalUseElementsAreStripped() $initialData = file_get_contents($dataDirectory . '/useTest.svg'); $expected = file_get_contents($dataDirectory . '/useClean.svg'); - $this->class->minify(false); - $cleanData = $this->class->sanitize($initialData); - $this->class->minify(false); + $sanitizer = new Sanitizer(); + $sanitizer->minify(false); + $cleanData = $sanitizer->sanitize($initialData); - $this->assertXmlStringEqualsXmlString($expected, $cleanData); + self::assertXmlStringEqualsXmlString($expected, $cleanData); } /** 
@@ -215,13 +202,15 @@ public function testThatExternalUseElementsAreStripped() */ public function testMinifiedOptions() { - $this->class->minify(true); - $this->class->removeXMLTag(true); - $this->class->setXMLOptions(0); + $sanitizer = new Sanitizer(); + $sanitizer->minify(true); + $sanitizer->removeXMLTag(true); + $sanitizer->setXMLOptions(0); $input = '<svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24"><title>chevron-double-down</title><path d="M4 11.73l.68-.73L12 17.82 19.32 11l.68.73-7.66 7.13a.5.5 0 0 1-.68 0z"/><path d="M4 5.73L4.68 5 12 11.82 19.32 5l.68.73-7.66 7.13a.5.5 0 0 1-.68 0z"/></svg>'; - $output = $this->class->sanitize($input); - $this->assertEquals($input, $output); + $output = $sanitizer->sanitize($input); + + self::assertSame($input, $output); } /** @@ -233,10 +222,11 @@ public function useRecursionsAreDetected() $initialData = file_get_contents($dataDirectory . '/xlinkLaughsTest.svg'); $expected = file_get_contents($dataDirectory . '/xlinkLaughsClean.svg'); - $this->class->minify(false); - $cleanData = $this->class->sanitize($initialData); + $sanitizer = new Sanitizer(); + $sanitizer->minify(false); + $cleanData = $sanitizer->sanitize($initialData); - $this->assertXmlStringEqualsXmlString($expected, $cleanData); + self::assertXmlStringEqualsXmlString($expected, $cleanData); } /** 
@@ -248,10 +238,28 @@ public function infiniteUseLoopsAreDetected() $initialData = file_get_contents($dataDirectory . '/xlinkLoopTest.svg'); $expected = file_get_contents($dataDirectory . '/xlinkLoopClean.svg'); - $this->class->minify(false); - $cleanData = $this->class->sanitize($initialData); + $sanitizer = new Sanitizer(); + $sanitizer->minify(false); + $cleanData = $sanitizer->sanitize($initialData); + + self::assertXmlStringEqualsXmlString($expected, $cleanData); + } + + /** + * @test + */ + public function doctypeAndEntityAreRemoved() + { + $dataDirectory = __DIR__ . '/data'; + $initialData = file_get_contents($dataDirectory . '/entityTest.svg'); + $expected = file_get_contents($dataDirectory . '/entityClean.svg'); + + $sanitizer = new Sanitizer(); + $sanitizer->minify(false); + $sanitizer->removeRemoteReferences(true); + $cleanData = $sanitizer->sanitize($initialData); - $this->assertXmlStringEqualsXmlString($expected, $cleanData); + self::assertSame($expected, $cleanData); } /** @@ -263,10 +271,11 @@ public function testUseDOSattacksAreNullified() $initialData = file_get_contents($dataDirectory . '/useDosTest.svg'); $expected = file_get_contents($dataDirectory . '/useDosClean.svg'); - $this->class->minify(false); - $cleanData = $this->class->sanitize($initialData); + $sanitizer = new Sanitizer(); + $sanitizer->minify(false); + $cleanData = $sanitizer->sanitize($initialData); - $this->assertXmlStringEqualsXmlString($expected, $cleanData); + self::assertXmlStringEqualsXmlString($expected, $cleanData); } /** 
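Review bot: doctypeAndEntityAreRemoved() pins output in which the `<!DOCTYPE>` is gone but the `&lab;` reference is still present (see entityClean.svg), so the sanitized file refers to an entity that is no longer declared. That is presumably why this test compares with `assertSame` rather than `assertXmlStringEqualsXmlString` like its neighbours, and a strict XML consumer may refuse such a document. A short comment would make the intent explicit, for example `// Entity references are left unexpanded on purpose; compared byte-for-byte because the output no longer declares &lab;.` The fixture declares only an internal entity, so the test says nothing about declarations that point outside the document.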
@@ -279,9 +288,10 @@ public function testLargeUseDOSattacksAreNullified() $initialData = file_get_contents($dataDirectory . '/useDosTestTwo.svg'); $expected = file_get_contents($dataDirectory . '/useDosCleanTwo.svg'); - $this->class->minify(false); - $cleanData = $this->class->sanitize($initialData); + $sanitizer = new Sanitizer(); + $sanitizer->minify(false); + $cleanData = $sanitizer->sanitize($initialData); - $this->assertXmlStringEqualsXmlString($expected, $cleanData); + self::assertXmlStringEqualsXmlString($expected, $cleanData); } } diff --git a/vendor/enshrined/svg-sanitize/tests/SubjectTest.php b/vendor/enshrined/svg-sanitize/tests/SubjectTest.php index a036086277370c2d940128df3ee7eda7771eed93..94c233f042b40472f25a38d8754f0b08e499bce9 100644 --- a/vendor/enshrined/svg-sanitize/tests/SubjectTest.php +++ b/vendor/enshrined/svg-sanitize/tests/SubjectTest.php @@ -9,6 +9,9 @@ */ class SubjectTest extends TestCase { + /** + * @var int + */ protected $nestingLimit = 15; /** diff --git a/vendor/enshrined/svg-sanitize/tests/data/entityClean.svg b/vendor/enshrined/svg-sanitize/tests/data/entityClean.svg new file mode 100644 index 0000000000000000000000000000000000000000..a7c49b4d49d26cb5c4546aeec026141996cf4760 --- /dev/null +++ b/vendor/enshrined/svg-sanitize/tests/data/entityClean.svg @@ -0,0 +1,4 @@ +<?xml version="1.0" encoding="UTF-8" standalone="no"?> +<svg xmlns="http://www.w3.org/2000/svg"> + <text x="0" y="20" font-size="20">&lab;</text> +</svg> diff --git a/vendor/enshrined/svg-sanitize/tests/data/entityTest.svg b/vendor/enshrined/svg-sanitize/tests/data/entityTest.svg new file mode 100644 index 0000000000000000000000000000000000000000..bc2d3defac21dcd8a99e1a56f320b746f5761539 --- /dev/null +++ b/vendor/enshrined/svg-sanitize/tests/data/entityTest.svg 
@@ -0,0 +1,5 @@ +<?xml version="1.0" encoding="UTF-8" standalone="no"?> +<!DOCTYPE fortiguard [ <!ENTITY lab "cool, text as an image">]> +<svg xmlns="http://www.w3.org/2000/svg"> + <text x="0" y="20" font-size="20">&lab;</text> +</svg> \ No newline at end of file diff --git a/web/modules/svg_image/modules/svg_image_responsive/svg_image_responsive.info.yml b/web/modules/svg_image/modules/svg_image_responsive/svg_image_responsive.info.yml index b3ddc7ffc866ae92bfd7292b159dc21ffda846f8..3baf9c9da2a9716d046703b018ba6d91ffd3c615 100644 --- a/web/modules/svg_image/modules/svg_image_responsive/svg_image_responsive.info.yml +++ b/web/modules/svg_image/modules/svg_image_responsive/svg_image_responsive.info.yml @@ -9,7 +9,7 @@ dependencies: - svg_image:svg_image - drupal:responsive_image -# Information added by Drupal.org packaging script on 2020-06-04 -version: '8.x-1.14' +# Information added by Drupal.org packaging script on 2021-08-18 +version: '8.x-1.15' project: 'svg_image' -datestamp: 1591251835 +datestamp: 1629259132 diff --git a/web/modules/svg_image/src/Plugin/Field/FieldFormatter/SvgImageUrlFormatter.php b/web/modules/svg_image/src/Plugin/Field/FieldFormatter/SvgImageUrlFormatter.php new file mode 100644 index 0000000000000000000000000000000000000000..a7c261f3abbeaea526c3c53eeddec5977a267dd7 --- /dev/null +++ b/web/modules/svg_image/src/Plugin/Field/FieldFormatter/SvgImageUrlFormatter.php 
@@ -0,0 +1,57 @@ +<?php + +namespace Drupal\svg_image\Plugin\Field\FieldFormatter; + +use Drupal\Core\Cache\CacheableMetadata; +use Drupal\Core\Field\FieldItemListInterface; +use Drupal\image\Plugin\Field\FieldFormatter\ImageUrlFormatter; + +/** + * Plugin implementation of the 'image_url' formatter. + * + * Override default ImageUrlFormatter to proceed with svg urls. + * + * @FieldFormatter( + * id = "image_url", + * label = @Translation("URL to image"), + * field_types = { + * "image" + * } + * ) + */ +class SvgImageUrlFormatter extends ImageUrlFormatter { + + /** + * {@inheritdoc} + */ + public function viewElements(FieldItemListInterface $items, $langcode) { + $elements = []; + + /** @var \Drupal\Core\Field\EntityReferenceFieldItemListInterface $items */ + if (empty($images = $this->getEntitiesToView($items, $langcode))) { + // Early opt-out if the field is empty. + return $elements; + } + + /** @var \Drupal\image\ImageStyleInterface $image_style */ + $image_style = $this->imageStyleStorage->load($this->getSetting('image_style')); + /** @var \Drupal\file\FileInterface[] $images */ + foreach ($images as $delta => $image) { + $image_uri = $image->getFileUri(); + $isSvg = svg_image_is_file_svg($image); + $url = ($image_style && !$isSvg) ? $image_style->buildUrl($image_uri) : file_create_url($image_uri); + $url = file_url_transform_relative($url); + + // Add cacheability metadata from the image and image style. + $cacheability = CacheableMetadata::createFromObject($image); + if ($image_style) { + $cacheability->addCacheableDependency(CacheableMetadata::createFromObject($image_style)); + } + + $elements[$delta] = ['#markup' => $url]; + $cacheability->applyTo($elements[$delta]); + } + return $elements; + } + +} diff --git a/web/modules/svg_image/src/Plugin/Field/FieldWidget/SvgImageWidget.php b/web/modules/svg_image/src/Plugin/Field/FieldWidget/SvgImageWidget.php index d4bb5d3b0a0776fe35ebf2b9f6351215dc5364ff..fe5640dce02066e7a76e95373c1a9acbc85fdcd2 100755 
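Review bot: For SVG files viewElements() skips the image style and emits the URL of the original upload (`file_create_url($image_uri)`), so the link serves whatever was uploaded; nothing in this class sanitizes it. A comment above the ternary would record that assumption, e.g. `// SVGs bypass image styles: the URL targets the original file, so it must have been sanitized or otherwise trusted at upload time.` Separately, `file_create_url()` and `file_url_transform_relative()` are deprecated as of Drupal 9.3 in favour of the `file_url_generator` service, which matters because the module declares `^8 || ^9`.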
--- a/web/modules/svg_image/src/Plugin/Field/FieldWidget/SvgImageWidget.php +++ b/web/modules/svg_image/src/Plugin/Field/FieldWidget/SvgImageWidget.php @@ -61,6 +61,13 @@ class SvgImageWidget extends FileWidget { */ protected $imageStyleStorage; + /** + * The image factory service. + * + * @var \Drupal\Core\Image\ImageFactory + */ + protected $imageFactory; + /** * {@inheritdoc} */ @@ -72,6 +79,7 @@ public function __construct($pluginId, $pluginDefinition, FieldDefinitionInterfa $this->renderer = $container->get('renderer'); $this->entityTypeManager = $container->get('entity_type.manager'); $this->imageStyleStorage = $this->entityTypeManager->getStorage('image_style'); + $this->imageFactory = $container->get('image.factory'); } /** @@ -182,7 +190,8 @@ public function formElement(FieldItemListInterface $items, $delta, array $elemen } // If not using custom extension validation, ensure this is an image. - $supportedExtensions = ['png', 'gif', 'jpg', 'jpeg', 'svg']; + $supportedExtensions = $this->imageFactory->getSupportedExtensions(); + $supportedExtensions[] = 'svg'; $extensions = isset($element['#upload_validators']['file_validate_extensions'][0]) ? $element['#upload_validators']['file_validate_extensions'][0] : implode(' ', $supportedExtensions); $extensions = array_intersect(explode(' ', $extensions), $supportedExtensions); $element['#upload_validators']['file_validate_extensions'][0] = implode(' ', $extensions); diff --git a/web/modules/svg_image/svg_image.info.yml b/web/modules/svg_image/svg_image.info.yml index 1ab3af2a09389fce8b7f1b789e0c42327973c0d9..dfa879d17bbb0a91883a810857c0bcbc2292697e 100644 --- a/web/modules/svg_image/svg_image.info.yml +++ b/web/modules/svg_image/svg_image.info.yml 
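Review bot: In formElement() the default upload allow-list is now whatever `$this->imageFactory->getSupportedExtensions()` returns plus an unconditional `svg`, so the set of accepted extensions varies with the site's image toolkit instead of being fixed in code. `file_validate_extensions` checks the file name only, so a comment should say so at this point, e.g. `// Extension check only; SVG markup is not inspected here.` formElement() starts and ends outside this hunk.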
@@ -8,7 +8,7 @@ core_version_requirement: ^8 || ^9 dependencies: - drupal:image -# Information added by Drupal.org packaging script on 2020-06-04 -version: '8.x-1.14' +# Information added by Drupal.org packaging script on 2021-08-18 +version: '8.x-1.15' project: 'svg_image' -datestamp: 1591251835 +datestamp: 1629259132 diff --git a/web/modules/svg_image/svg_image.module b/web/modules/svg_image/svg_image.module index 2a3daf892ea27c2898275c0408afcf6b6df7e024..cf0aae62116da32b650f1aa265541f48873f4112 100644 --- a/web/modules/svg_image/svg_image.module +++ b/web/modules/svg_image/svg_image.module @@ -7,6 +7,7 @@ use Drupal\file\Entity\File; use Drupal\svg_image\Plugin\Field\FieldFormatter\SvgImageFormatter; +use Drupal\svg_image\Plugin\Field\FieldFormatter\SvgImageUrlFormatter; use Drupal\svg_image\Plugin\Field\FieldWidget\SvgImageWidget; /** @@ -21,6 +22,7 @@ function svg_image_field_widget_info_alter(array &$info) { */ function svg_image_field_formatter_info_alter(array &$info) { $info['image']['class'] = SvgImageFormatter::class; + $info['image_url']['class'] = SvgImageUrlFormatter::class; } /** @@ -33,7 +35,7 @@ function svg_image_field_formatter_info_alter(array &$info) { * @see template_preprocess_image_style() */ function svg_image_preprocess_image_style(array &$variables) { - if (isset($variables['image']['#access']) && !$variables['image']['#access']) { + if (isset($variables['image']['#access']) && !$variables['image']['#access'] && !empty($variables['image']['#uri'])) { $files = \Drupal::entityTypeManager()->getStorage('file') ->loadByProperties(['uri' => $variables['uri']]); if ($files) { @@ -41,7 +43,7 @@ function svg_image_preprocess_image_style(array &$variables) { if (svg_image_is_file_svg($imageFile)) { $variables['image']['#access'] = TRUE; - $variables['image']['#attributes']['class'] = 'no-image-style'; + $variables['image']['#attributes']['class'][] = 'no-image-style'; } } }
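Review bot: `$info['image_url']['class'] = SvgImageUrlFormatter::class;` writes into `$info['image_url']` without checking that the formatter is defined, so on a core release that does not provide an `image_url` formatter it would create a definition holding nothing but a class. Guarding it keeps the alter hook inert in that case: `if (isset($info['image_url'])) { $info['image_url']['class'] = SvgImageUrlFormatter::class; }`. The existing line for `image` directly above follows the same unguarded pattern.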
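Review bot: The new guard in svg_image_preprocess_image_style() tests `$variables['image']['#uri']`, but the lookup on the next line queries by `$variables['uri']`, so the key that is checked is not the key that is used. If the aim is to avoid a file lookup with an empty URI, `!empty($variables['uri'])` would express it directly. In the following hunk, `$variables['image']['#attributes']['class'][] = 'no-image-style';` assumes `class` is unset or already an array. Should another preprocess have set it to a string, the append raises an error, so normalising the existing value with an `(array)` cast first would be safer.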