You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
There is a security risk with SVG files (as they can contain javascript), but it seems the CSP is taking care of it, so I have enabled the display of SVG files in browser, like you suggested.
Detailed description of the problem
If I upload an SVG file to a notebook, and right-click -> open in new tab, the file is force-downloaded
Expected Behavior
SVG images should not be force-downloaded but just shown in a new tab, like the behavior is for e.g. PNG images currently.
Steps to reproduce the behavior
What eLabFTW version are you using? Visible in bottom right of a page.
4.5.14, but also happens on the demo instance
Do you have any idea what may have caused this?
No response
Do you have an idea how to solve the issue?
I believe this can be solved by adding
image/svg+xml
(see e.g. here) to this list: https://github.com/elabftw/elabftw/blob/master/src/controllers/DownloadController.php#L92Additional information
I think this may be related to #3797
The text was updated successfully, but these errors were encountered: