CGM_Public/pretix_original
2
0
Fork 1
mirror of https://github.com/pretix/pretix.git synced 2026-05-15 16:54:00 +00:00
Code Issues Packages Projects Releases Wiki Activity

[SECURITY] Do not allow SVG files for logos

Browse Source
This commit is contained in:
Raphael Michel
2017-08-20 15:35:00 +02:00
parent ac1467bd4b
commit a7ec475c40
2 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/pretix/control/forms/event.py
View File

@@ -612,7 +612,7 @@ class DisplaySettingsForm(SettingsForm):
) )
logo_image = ExtFileField( logo_image = ExtFileField(
label=_('Logo image'), label=_('Logo image'),
ext_whitelist=(".png", ".jpg", ".svg", ".gif", ".jpeg"), ext_whitelist=(".png", ".jpg", ".gif", ".jpeg"),
required=False, required=False,
help_text=_('If you provide a logo image, we will by default not show your events name and date ' help_text=_('If you provide a logo image, we will by default not show your events name and date '
'in the page header. We will show your logo with a maximal height of 120 pixels.') 'in the page header. We will show your logo with a maximal height of 120 pixels.')

2
src/pretix/control/forms/organizer.py
View File

@@ -121,7 +121,7 @@ class OrganizerSettingsForm(SettingsForm):
organizer_logo_image = ExtFileField( organizer_logo_image = ExtFileField(
label=_('Logo image'), label=_('Logo image'),
ext_whitelist=(".png", ".jpg", ".svg", ".gif", ".jpeg"), ext_whitelist=(".png", ".jpg", ".gif", ".jpeg"),
required=False, required=False,
help_text=_('If you provide a logo image, we will by default not show your organization name ' help_text=_('If you provide a logo image, we will by default not show your organization name '
'in the page header. We will show your logo with a maximal height of 120 pixels.') 'in the page header. We will show your logo with a maximal height of 120 pixels.')