upstream/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-05-28 04:32:30 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 54

Merge pull request #59835 from nextcloud/enh/svg-link-previews

Browse source 
chore: Improve SVG handling in link previews
This commit is contained in:
Arthur Schiwon 2026-04-22 23:27:20 +02:00 committed by GitHub
commit 52e109da97
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 27 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

28
lib/public/Collaboration/Reference/LinkReferenceProvider.php
View file

@ -193,7 +193,7 @@ class LinkReferenceProvider implements IReferenceProvider, IPublicReferenceProvi
$bodyStream = new LimitStream($stream, self::MAX_CONTENT_LENGTH, 0);
$content = $bodyStream->getContents();
if ($contentType === 'image/svg+xml' && stripos(html_entity_decode($content, ENT_XML1), 'XSL/Transform') !== false) {
if ($contentType === 'image/svg+xml' && $this->containsXslt($content)) {
return;
}
@ -230,4 +230,30 @@ class LinkReferenceProvider implements IReferenceProvider, IPublicReferenceProvi
public function getCacheKeyPublic(string $referenceId, string $sharingToken): ?string {
return null;
}
/**
* Check if XML content contains XSLT transformations
*
* XSLT transformations in SVG files can cause memory exhaustion
* in Chromium based browsers when rendered.
*/
private function containsXslt(string $xmlContent): bool {
set_error_handler(function (int $code, string $message): bool {
$this->logger->debug('Failed to parse XML content for XSLT check', ['error' => $message]);
return true;
});
$xml = simplexml_load_string($xmlContent);
restore_error_handler();
$namespaces = $xml ? $xml->getNamespaces(true) : [];
foreach ($namespaces as $namespace) {
if (stripos($namespace, 'XSL/Transform') !== false) {
return true;
}
}
return false;
}
}