[wp-trac] [WordPress Trac] #53100: Unable to upload SVGs even if ALLOW_UNFILTERED_UPLOADS set

WordPress Trac noreply at wordpress.org
Tue Apr 27 15:17:11 UTC 2021

#53100: Unable to upload SVGs even if ALLOW_UNFILTERED_UPLOADS set
 Reporter:  desmith       |      Owner:  (none)
     Type:  defect (bug)  |     Status:  new
 Priority:  normal        |  Milestone:  Awaiting Review
Component:  Upload        |    Version:  5.7.1
 Severity:  minor         |   Keywords:
  Focuses:                |
 I have several sites where wp-config.php includes the line

 I would expect that to permit all file types to be uploaded. However, SVG
 files are not allowed, displaying the message "Sorry, this file type is
 not permitted for security reasons."

 I have tested this on a site using the default Twenty Twenty One theme,
 and no enabled plugins, and on that same site with Twenty Nineteen. I've
 tested it on several other sites, with a fairly broad collection of themes
 and plugins, as well. I am fairly confident the only code in common here
 is Core.

 I know that there are several plugins that "enable" SVG upload support,
 but I would expect the ALLOW_UNFILTERED_UPLOADS define to take care of
 that for me. Unfiltered should mean unfiltered, including SVGs. Is this an
 oversight or bug in the upload handlers, or an intentional (and perhaps
 not-well-documented) choice?

Ticket URL: <https://core.trac.wordpress.org/ticket/53100>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform

More information about the wp-trac mailing list