CGM_Public/pretix_cgo
1
0
Fork 0
forked from CGM_Public/pretix_original
Code Pull Requests Actions Activity

[SECURITY] Do not allow SVG files for logos

Browse Source
This commit is contained in:
Raphael Michel
2017-08-20 15:35:00 +02:00
parent 3428ea2f18
commit 5c91352bae
2 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/pretix/control/forms/event.py
View File

@@ -704,7 +704,7 @@ class DisplaySettingsForm(SettingsForm):
) )
logo_image = ExtFileField( logo_image = ExtFileField(
label=_('Logo image'), label=_('Logo image'),
ext_whitelist=(".png", ".jpg", ".svg", ".gif", ".jpeg"), ext_whitelist=(".png", ".jpg", ".gif", ".jpeg"),
required=False, required=False,
help_text=_('If you provide a logo image, we will by default not show your events name and date ' help_text=_('If you provide a logo image, we will by default not show your events name and date '
'in the page header. We will show your logo with a maximal height of 120 pixels.') 'in the page header. We will show your logo with a maximal height of 120 pixels.')

2
src/pretix/control/forms/organizer.py
View File

@@ -128,7 +128,7 @@ class OrganizerSettingsForm(SettingsForm):
organizer_logo_image = ExtFileField( organizer_logo_image = ExtFileField(
label=_('Logo image'), label=_('Logo image'),
ext_whitelist=(".png", ".jpg", ".svg", ".gif", ".jpeg"), ext_whitelist=(".png", ".jpg", ".gif", ".jpeg"),
required=False, required=False,
help_text=_('If you provide a logo image, we will by default not show your organization name ' help_text=_('If you provide a logo image, we will by default not show your organization name '
'in the page header. We will show your logo with a maximal height of 120 pixels.') 'in the page header. We will show your logo with a maximal height of 120 pixels.')