liz/wikijs-fork
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix: sanitize SVG uploads

Browse Source
This commit is contained in:
NGPixel
2021-12-17 21:41:23 -05:00
parent 79e153815f
commit 5d3e81496f
6 changed files with 79 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

48
server/graph/schemas/site.graphql
View File

@@ -54,6 +54,7 @@ type SiteMutation {
securityCSPDirectives: String
uploadMaxFileSize: Int
uploadMaxFiles: Int
uploadScanSVG: Boolean
): DefaultResponse @auth(requires: ["manage:system"])
}
@@ -63,15 +64,15 @@ type SiteMutation {
# -----------------------------------------------
type SiteConfig {
host: String!
title: String!
description: String!
robots: [String]!
analyticsService: String!
analyticsId: String!
company: String!
contentLicense: String!
logoUrl: String!
host: String
title: String
description: String
robots: [String]
analyticsService: String
analyticsId: String
company: String
contentLicense: String
logoUrl: String
authAutoLogin: Boolean
authEnforce2FA: Boolean
authHideLocal: Boolean
@@ -79,18 +80,19 @@ type SiteConfig {
authJwtAudience: String
authJwtExpiration: String
authJwtRenewablePeriod: String
featurePageRatings: Boolean!
featurePageComments: Boolean!
featurePersonalWikis: Boolean!
securityOpenRedirect: Boolean!
securityIframe: Boolean!
securityReferrerPolicy: Boolean!
securityTrustProxy: Boolean!
securitySRI: Boolean!
securityHSTS: Boolean!
securityHSTSDuration: Int!
securityCSP: Boolean!
securityCSPDirectives: String!
uploadMaxFileSize: Int!
uploadMaxFiles: Int!
featurePageRatings: Boolean
featurePageComments: Boolean
featurePersonalWikis: Boolean
securityOpenRedirect: Boolean
securityIframe: Boolean
securityReferrerPolicy: Boolean
securityTrustProxy: Boolean
securitySRI: Boolean
securityHSTS: Boolean
securityHSTSDuration: Int
securityCSP: Boolean
securityCSPDirectives: String
uploadMaxFileSize: Int
uploadMaxFiles: Int
uploadScanSVG: Boolean
}