From daa24757b935a7f0dc73ddb55a90dc5aef4fe886 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Linus=20L=C3=A5ngberg?=
Date: Thu, 21 Oct 2021 10:00:20 +0200
Subject: [PATCH] fix(xss): disallow svgs as avatars

---
 template/src/components/AccountTab/AccountTab.js | 8 +-------
 1 file changed, 1 insertion(+), 7 deletions(-)

diff --git a/template/src/components/AccountTab/AccountTab.js b/template/src/components/AccountTab/AccountTab.js
index 06b30957..65dc34a0 100644
--- a/template/src/components/AccountTab/AccountTab.js
+++ b/template/src/components/AccountTab/AccountTab.js
@@ -667,13 +667,7 @@ class AccountTab extends Component {
 return;
 }

- const fileTypes = [
- "image/gif",
- "image/jpeg",
- "image/png",
- "image/webp",
- "image/svg+xml",
- ];
+ const fileTypes = ["image/gif", "image/jpeg", "image/png", "image/webp"];

 if (!fileTypes.includes(avatar.type)) {
 return;
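Review bot: The allowlist compares against `avatar.type`, which is the MIME label the browser attaches to the selected file rather than a check of its content, and this component runs only in the client, so dropping `image/svg+xml` here narrows the UI but does not by itself keep SVG out of avatar storage. If the upload is accepted anywhere else (storage rules or a backend, neither visible in this hunk), the same four-type allowlist should be enforced there and the stored object's content type pinned to the validated value. It would also help to record the reason next to the list, e.g. `// SVG is excluded on purpose: it can carry script, and avatars are user-supplied files (XSS).` The enclosing method starts and ends outside the hunk, so the upload call itself was not reviewed.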