Merge pull request #502 from codeiolab/fix-first-compromised-file-wit…

…h-corruptedone Improved security checks for file uploads, enhancing protection against XSS vulnerabilities.
weDevsOfficial · Oct 15, 2024 · 377f02e · 377f02e
2 parents b932e68 + 07553aa
commit 377f02e
Show file tree

Hide file tree

Showing 3 changed files with 19 additions and 22 deletions.
diff --git a/src/Comment/Controllers/Comment_Controller.php b/src/Comment/Controllers/Comment_Controller.php
@@ -81,9 +81,7 @@ public function store( WP_REST_Request $request ) {
 
         $files      = array_key_exists( 'files', $media_data ) ? $media_data['files'] : null;
 
-        $file_type = $files['type'][0];
-
-        if( HelperFile::check_file_for_xss_code( $file_type, $files ) ){
+        if( HelperFile::check_file_for_xss_code( $files ) ){
             return wp_send_json(
                 [
                     'error_type' => 'svg_xss',
@@ -129,9 +127,7 @@ public function update( WP_REST_Request $request ) {
         // An array of files
         $files = array_key_exists( 'files', $media_data ) ? $media_data['files'] : null;
 
-        $file_type = $files['type'][0];
-
-        if( HelperFile::check_file_for_xss_code( $file_type, $files ) ){
+        if( HelperFile::check_file_for_xss_code( $files ) ){
             return wp_send_json(
                 [
                     'error_type' => 'svg_xss',

diff --git a/src/Discussion_Board/Controllers/Discussion_Board_Controller.php b/src/Discussion_Board/Controllers/Discussion_Board_Controller.php
@@ -75,9 +75,7 @@ public function store( WP_REST_Request $request ) {
         $milestone_id = $request->get_param( 'milestone' );
         $files        = array_key_exists( 'files', $media_data ) ? $media_data['files'] : null;
 
-        $file_type = $files['type'][0];
-
-        if( HelperFile::check_file_for_xss_code( $file_type, $files ) ){
+        if( HelperFile::check_file_for_xss_code( $files ) ){
             return wp_send_json(
                 [
                     'error_type' => 'svg_xss',
@@ -121,9 +119,7 @@ public function update( WP_REST_Request $request ) {
         $files               = array_key_exists( 'files', $media_data ) ? $media_data['files'] : null;
         $files_to_delete     = $request->get_param( 'files_to_delete' );
 
-        $file_type = $files['type'][0];
-
-        if( HelperFile::check_file_for_xss_code( $file_type, $files ) ){
+        if( HelperFile::check_file_for_xss_code( $files ) ){
             return wp_send_json(
                 [
                     'error_type' => 'svg_xss',

diff --git a/src/File/Helper/File.php b/src/File/Helper/File.php
@@ -53,16 +53,21 @@ public static function get_results( $params = [] ) {
 		return $response;
 	}
 
-	public static function check_file_for_xss_code( $file_type, $files ) {
-		if ( $file_type === 'image/svg+xml' ) {
-            $svg_tmp_name = $files['tmp_name'][0];
-
-            $svg_content = file_get_contents($svg_tmp_name);
-
-            if ( self::contains_xss_code($svg_content) ) {
-                return true;
-            }
-        }
+	public static function check_file_for_xss_code( $files ) {
+		if (isset($files['type']) && is_array($files['type'])) {
+
+			foreach ($files['type'] as $index => $file_type) {
+
+				if ($file_type === 'image/svg+xml') {
+					$svg_tmp_name = $files['tmp_name'][$index];
+					$svg_content = file_get_contents($svg_tmp_name);
+
+					if (self::contains_xss_code($svg_content)) {
+						return true;
+					}
+				}
+			}
+		}
 
 		return false;
 	}