Remove svg sanitisation usage

mpysiak · Oct 28, 2024 · 42bf9f6 · 42bf9f6
1 parent c5bf799
commit 42bf9f6
Showing 1 changed file with 3 additions and 23 deletions.
diff --git a/src/Sylius/Component/Core/Uploader/ImageUploader.php b/src/Sylius/Component/Core/Uploader/ImageUploader.php
@@ -13,7 +13,6 @@
 
 namespace Sylius\Component\Core\Uploader;
 
-use enshrined\svgSanitize\Sanitizer;
 use Sylius\Component\Core\Filesystem\Adapter\FilesystemAdapterInterface;
 use Sylius\Component\Core\Filesystem\Exception\FileNotFoundException;
 use Sylius\Component\Core\Generator\ImagePathGeneratorInterface;
@@ -23,18 +22,10 @@
 
 class ImageUploader implements ImageUploaderInterface
 {
-    private const MIME_SVG_XML = 'image/svg+xml';
-
-    private const MIME_SVG = 'image/svg';
-
-    /** @var Sanitizer */
-    protected $sanitizer;
-
     public function __construct(
-        protected FilesystemAdapterInterface $filesystem,
-        protected ImagePathGeneratorInterface $imagePathGenerator,
+        protected readonly FilesystemAdapterInterface $filesystem,
+        protected readonly ImagePathGeneratorInterface $imagePathGenerator,
     ) {
-        $this->sanitizer = new Sanitizer();
     }
 
     public function upload(ImageInterface $image): void
@@ -48,8 +39,6 @@ public function upload(ImageInterface $image): void
 
         Assert::isInstanceOf($file, File::class);
 
-        $fileContent = $this->sanitizeContent(file_get_contents($file->getPathname()), $file->getMimeType());
-
         if (null !== $image->getPath() && $this->filesystem->has($image->getPath())) {
             $this->remove($image->getPath());
         }
@@ -60,7 +49,7 @@ public function upload(ImageInterface $image): void
 
         $image->setPath($path);
 
-        $this->filesystem->write($image->getPath(), $fileContent);
+        $this->filesystem->write($image->getPath(), file_get_contents($file->getPathname()));
     }
 
     public function remove(string $path): bool
@@ -74,15 +63,6 @@ public function remove(string $path): bool
         return true;
     }
 
-    protected function sanitizeContent(string $fileContent, string $mimeType): string
-    {
-        if (self::MIME_SVG_XML === $mimeType || self::MIME_SVG === $mimeType) {
-            $fileContent = $this->sanitizer->sanitize($fileContent);
-        }
-
-        return $fileContent;
-    }
-
     /**
      * Will return true if the path is prone to be blocked by ad blockers
      */