WordPress.org

Make WordPress Core

Opened 3 years ago

Closed 3 years ago

#40920 closed defect (bug) (invalid)

WP 4.8 allows uploading SVG images from the image widget

Reported by: saqali Owned by:
Milestone: Priority: normal
Severity: normal Version: 4.8
Component: Media Keywords: reporter-feedback
Focuses: Cc:

Description

Uploaded an SVG to the new image widget, it works but spits out a bunch of php code error, I thin it's because there's no where for me to set the height and width to

`
'flex-width' => true,
'flex-height' => true,
`

`
( ! ) Warning: Illegal string offset 'width' in C:\Users\Saqib\Documents\Websites\example.dev\wp-includes\media.php on line 988
Call Stack
# Time Memory Function Location
1 0.0024 202880 {main}( ) ..\index.php:0
2 0.0027 204912 require( 'C:\Users\Saqib\Documents\Websites\example.dev\wp-blog-header.php' ) ..\index.php:17
3 0.8348 38631736 require_once( 'C:\Users\Saqib\Documents\Websites\example.dev\wp-includes\template-loader.php' ) ..\wp-blog-header.php:19
4 0.8389 38729704 include( 'C:\Users\Saqib\Documents\Websites\example.dev\wp-content\themes\genesis\single.php' ) ..\template-loader.php:74
5 0.8389 38729768 genesis( ) ..\single.php:15
6 1.0412 39602808 do_action( ) ..\framework.php:45
7 1.0412 39603240 WP_Hook->do_action( ) ..\plugin.php:453
8 1.0412 39603288 WP_Hook->apply_filters( ) ..\class-wp-hook.php:323
9 1.0412 39603792 call_user_func_array:{C:\Users\Saqib\Documents\Websites\example.dev\wp-includes\class-wp-hook.php:298} ( ) ..\class-wp-hook.php:298
10 1.0412 39603992 genesis_get_sidebar( ) ..\class-wp-hook.php:298
11 1.0413 39604064 get_sidebar( ) ..\layout.php:211
12 1.0413 39604456 locate_template( ) ..\general-template.php:122
13 1.0415 39604616 load_template( ) ..\template.php:647
14 1.0418 39614912 require_once( 'C:\Users\Saqib\Documents\Websites\example.dev\wp-content\themes\genesis\sidebar.php' ) ..\template.php:688
15 1.0549 39615600 do_action( ) ..\sidebar.php:22
16 1.0549 39616040 WP_Hook->do_action( ) ..\plugin.php:453
17 1.0549 39616088 WP_Hook->apply_filters( ) ..\class-wp-hook.php:323
18 1.0549 39616592 call_user_func_array:{C:\Users\Saqib\Documents\Websites\example.dev\wp-includes\class-wp-hook.php:298} ( ) ..\class-wp-hook.php:298
19 1.0550 39616888 blox_frontend_content ( ) ..\class-wp-hook.php:298
20 1.0550 39617088 Blox_Action_Storage->call( ) ..\class-wp-hook.php:0
21 1.0550 39617120 call_user_func:{C:\Users\Saqib\Documents\Websites\example.dev\wp-content\plugins\blox-master\includes\global\action-storage.php:47} ( ) ..\action-storage.php:47
22 1.0550 39617136 blox_frontend_content( ) ..\action-storage.php:47
23 1.0551 39617672 do_action( ) ..\frontend.php:383
24 1.0551 39618736 WP_Hook->do_action( ) ..\plugin.php:453
25 1.0551 39618784 WP_Hook->apply_filters( ) ..\class-wp-hook.php:323
26 1.0551 39619288 call_user_func_array:{C:\Users\Saqib\Documents\Websites\example.dev\wp-includes\class-wp-hook.php:298} ( ) ..\class-wp-hook.php:298
27 1.0552 39619696 Blox_Widgets_Main->print_widgets_content( ) ..\class-wp-hook.php:298
28 1.0556 39638112 call_user_func:{C:\Users\Saqib\Documents\Websites\example.dev\wp-content\plugins\blox-widgets\blox-widgets.php:368} ( ) ..\blox-widgets.php:368
29 1.0556 39638208 Blox_Widgets_Main->blox_display_widgets( ) ..\blox-widgets.php:368
30 1.0557 39641360 call_user_func_array:{C:\Users\Saqib\Documents\Websites\example.dev\wp-content\plugins\blox-widgets\blox-widgets.php:467} ( ) ..\blox-widgets.php:467
31 1.0557 39641688 WP_Widget->display_callback( ) ..\blox-widgets.php:467
32 1.0559 39647480 WP_Widget_Media->widget( ) ..\class-wp-widget.php:395
33 1.0580 39653168 WP_Widget_Media_Image->render_media( ) ..\class-wp-widget-media.php:226
34 1.0614 39654320 _wp_get_image_size_from_meta( ) ..\class-wp-widget-media-image.php:208

( ! ) Warning: Illegal string offset 'height' in C:\Users\Saqib\Documents\Websites\example.dev\wp-includes\media.php on line 989
Call Stack
# Time Memory Function Location
1 0.0024 202880 {main}( ) ..\index.php:0
2 0.0027 204912 require( 'C:\Users\Saqib\Documents\Websites\example.dev\wp-blog-header.php' ) ..\index.php:17
3 0.8348 38631736 require_once( 'C:\Users\Saqib\Documents\Websites\example.dev\wp-includes\template-loader.php' ) ..\wp-blog-header.php:19
4 0.8389 38729704 include( 'C:\Users\Saqib\Documents\Websites\example.dev\wp-content\themes\genesis\single.php' ) ..\template-loader.php:74
5 0.8389 38729768 genesis( ) ..\single.php:15
6 1.0412 39602808 do_action( ) ..\framework.php:45
7 1.0412 39603240 WP_Hook->do_action( ) ..\plugin.php:453
8 1.0412 39603288 WP_Hook->apply_filters( ) ..\class-wp-hook.php:323
9 1.0412 39603792 call_user_func_array:{C:\Users\Saqib\Documents\Websites\example.dev\wp-includes\class-wp-hook.php:298} ( ) ..\class-wp-hook.php:298
10 1.0412 39603992 genesis_get_sidebar( ) ..\class-wp-hook.php:298
11 1.0413 39604064 get_sidebar( ) ..\layout.php:211
12 1.0413 39604456 locate_template( ) ..\general-template.php:122
13 1.0415 39604616 load_template( ) ..\template.php:647
14 1.0418 39614912 require_once( 'C:\Users\Saqib\Documents\Websites\example.dev\wp-content\themes\genesis\sidebar.php' ) ..\template.php:688
15 1.0549 39615600 do_action( ) ..\sidebar.php:22
16 1.0549 39616040 WP_Hook->do_action( ) ..\plugin.php:453
17 1.0549 39616088 WP_Hook->apply_filters( ) ..\class-wp-hook.php:323
18 1.0549 39616592 call_user_func_array:{C:\Users\Saqib\Documents\Websites\example.dev\wp-includes\class-wp-hook.php:298} ( ) ..\class-wp-hook.php:298
19 1.0550 39616888 blox_frontend_content ( ) ..\class-wp-hook.php:298
20 1.0550 39617088 Blox_Action_Storage->call( ) ..\class-wp-hook.php:0
21 1.0550 39617120 call_user_func:{C:\Users\Saqib\Documents\Websites\example.dev\wp-content\plugins\blox-master\includes\global\action-storage.php:47} ( ) ..\action-storage.php:47
22 1.0550 39617136 blox_frontend_content( ) ..\action-storage.php:47
23 1.0551 39617672 do_action( ) ..\frontend.php:383
24 1.0551 39618736 WP_Hook->do_action( ) ..\plugin.php:453
25 1.0551 39618784 WP_Hook->apply_filters( ) ..\class-wp-hook.php:323
26 1.0551 39619288 call_user_func_array:{C:\Users\Saqib\Documents\Websites\example.dev\wp-includes\class-wp-hook.php:298} ( ) ..\class-wp-hook.php:298
27 1.0552 39619696 Blox_Widgets_Main->print_widgets_content( ) ..\class-wp-hook.php:298
28 1.0556 39638112 call_user_func:{C:\Users\Saqib\Documents\Websites\example.dev\wp-content\plugins\blox-widgets\blox-widgets.php:368} ( ) ..\blox-widgets.php:368
29 1.0556 39638208 Blox_Widgets_Main->blox_display_widgets( ) ..\blox-widgets.php:368
30 1.0557 39641360 call_user_func_array:{C:\Users\Saqib\Documents\Websites\example.dev\wp-content\plugins\blox-widgets\blox-widgets.php:467} ( ) ..\blox-widgets.php:467
31 1.0557 39641688 WP_Widget->display_callback( ) ..\blox-widgets.php:467
32 1.0559 39647480 WP_Widget_Media->widget( ) ..\class-wp-widget.php:395
33 1.0580 39653168 WP_Widget_Media_Image->render_media( ) ..\class-wp-widget-media.php:226
34 1.0614 39654320 _wp_get_image_size_from_meta( )
`

Change History (10)

#1 @Presskopp
3 years ago

  • Component changed from General to Media

#2 @afercia
3 years ago

  • Keywords reporter-feedback added
  • Summary changed from WP 4.8 to WP 4.8 allows uploading SVG images from the image widget
  • Version set to trunk

@saqali thanks for your report! What steps have you followed to upload the SVG image? As far as I know, SVG upload shouldn't be allowed by WordPress. Are you testing on WordPress 4.8 Release Candidate 2? /cc @westonruter

#3 @westonruter
3 years ago

Also, I can see that the stack trace includes “blox-widgets” plugin. It may be a plugin problem.

Also, core does not allow SVG file uploads. When I try, I get an error: “Sorry, this file type is not permitted for security reasons.”

#4 @johnbillion
3 years ago

  • Milestone changed from Awaiting Review to 4.8

Moving to 4.8 for visibility

#5 @Presskopp
3 years ago

I'm also unable to upload svg in any case in RC2 directly, only 'from URL' works (as expected)

#6 @westonruter
3 years ago

  • Milestone changed from 4.8 to 4.8.1

This ticket was mentioned in Slack in #core by jeffpaul. View the logs.


3 years ago

#8 @jbpaul17
3 years ago

  • Milestone changed from 4.8.1 to 4.9

Punting to 4.9 per today's bug scrub.

This ticket was mentioned in Slack in #core-media by desrosj. View the logs.


3 years ago

#10 @joemcgill
3 years ago

  • Milestone 4.9 deleted
  • Resolution set to invalid
  • Status changed from new to closed

I can't reproduce this using a clean install of WP with a default theme. I'm going to close this as invalid since it seems like an issue of third-party code filtering allowed upload mimes.

Note: See TracTickets for help on using tickets.