diff --git a/app/Libraries/HTMLUtils.php b/app/Libraries/HTMLUtils.php
index 51dcf9b896..3fc7b5957b 100644
--- a/app/Libraries/HTMLUtils.php
+++ b/app/Libraries/HTMLUtils.php
@@ -4,7 +4,6 @@ namespace App\Libraries;
use HTMLPurifier;
use HTMLPurifier_Config;
-use enshrined\svgSanitize\Sanitizer;
class HTMLUtils
{
@@ -75,15 +74,4 @@ class HTMLUtils
return env($key, env($field, $default));
}
-
- public static function sanitizeSVG($svg)
- {
- try {
- $sanitizer = new Sanitizer();
-
- return $sanitizer->sanitize($svg);
- } catch(\Exception $e) {
- return "";
- }
- }
}
diff --git a/app/Models/Document.php b/app/Models/Document.php
index 9d570882d2..4aebfab1bf 100644
--- a/app/Models/Document.php
+++ b/app/Models/Document.php
@@ -43,7 +43,7 @@ class Document extends EntityModel
'application/msword',
'application/excel', 'application/vnd.ms-excel', 'application/x-excel', 'application/x-msexcel',
'application/vnd.openxmlformats-officedocument.wordprocessingml.document',
- 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet', 'application/postscript', 'image/svg+xml',
+ 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet', 'application/postscript',
'application/vnd.openxmlformats-officedocument.presentationml.presentation', 'application/vnd.ms-powerpoint',
];
@@ -57,9 +57,6 @@ class Document extends EntityModel
'ai' => [
'mime' => 'application/postscript',
],
- 'svg' => [
- 'mime' => 'image/svg+xml',
- ],
'jpeg' => [
'mime' => 'image/jpeg',
],
diff --git a/app/Ninja/Repositories/DocumentRepository.php b/app/Ninja/Repositories/DocumentRepository.php
index cf48d34064..e470348a3a 100644
--- a/app/Ninja/Repositories/DocumentRepository.php
+++ b/app/Ninja/Repositories/DocumentRepository.php
@@ -7,7 +7,6 @@ use DB;
use Form;
use Intervention\Image\ImageManager;
use Utils;
-use App\Libraries\HTMLUtils;
class DocumentRepository extends BaseRepository
{
@@ -84,14 +83,6 @@ class DocumentRepository extends BaseRepository
return 'File too large';
}
- if($documentType === 'svg') {
- $stream = file_get_contents($filePath);
- if(!($stream = HTMLUtils::sanitizeSVG($stream))) {
- return 'Unsupported file type';
- }
- file_put_contents($filePath, $stream);
- }
-
// don't allow a document to be linked to both an invoice and an expense
if (array_get($data, 'invoice_id') && array_get($data, 'expense_id')) {
unset($data['expense_id']);
diff --git a/composer.json b/composer.json
index 46589d4c48..0fc0b42356 100644
--- a/composer.json
+++ b/composer.json
@@ -44,7 +44,6 @@
"digitickets/omnipay-realex": "~5.0",
"doctrine/dbal": "2.6.x",
"dompdf/dompdf": "0.6.2",
- "enshrined/svg-sanitize": "^0.14.1",
"ezyang/htmlpurifier": "~v4.7",
"fotografde/omnipay-checkoutcom": "~2.0",
"fruitcakestudio/omnipay-sisow": "~2.0",