Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Full Resolution SVG Fails to Display in E2E Encrypted Rooms #15094

Open
SethFalco opened this issue Sep 4, 2020 · 4 comments
Open

Full Resolution SVG Fails to Display in E2E Encrypted Rooms #15094

SethFalco opened this issue Sep 4, 2020 · 4 comments
Labels
A-Media A-Room-View O-Uncommon Most users are unlikely to come across this or unexpected workflow S-Minor Impairs non-critical functionality or suitable workarounds exist T-Defect

Comments

@SethFalco
Copy link

SethFalco commented Sep 4, 2020
edited
Loading

Description

When sharing an SVG via chat, the thumbnail will always display correctly.
When sharing an SVG in an encrypted chat room, the full resolution version of the SVG fails to load.

I've attempted to peek around a little, and I believe it's because in an encrypted room, the full resolution image is retrieved with the Content-Type as octet-stream, unlike in unencrypted rooms, it correctly has the type svg+xml.

Steps to reproduce

  • Upload any SVG file to an E2E encrypted room.
  • Click the thumbnail to view the "full resolution" image.
  • Observe a dead image.

I'd expect this to work the same as when an SVG is opened in an unencrypted chat room.

Logs being sent: yes

image

image

Version information

  • Platform: Web and Desktop

For the web app:

  • Browser: Firefox
  • OS: Ubuntu 18.04
  • URL: develop.element.io

For the desktop app:

  • OS: Ubuntu 18.04
  • Version: 1.7.5
@t3chguy
Copy link
Member

t3chguy commented Sep 4, 2020

So we specifically filter out svg+xml for security reasons to prevent XSS
https://github.com/matrix-org/matrix-react-sdk/blob/ce226ab5346b405b4f21a4938f87eb2ef6c748f9/src/utils/DecryptFile.js#L54

@t3chguy
Copy link
Member

t3chguy commented Sep 4, 2020

The same comment claims it should work regardless however:
https://github.com/matrix-org/matrix-react-sdk/blob/ce226ab5346b405b4f21a4938f87eb2ef6c748f9/src/utils/DecryptFile.js#L42-L45

@HarHarLinks HarHarLinks mentioned this issue Sep 5, 2021
Closed
@alexanderstephan alexanderstephan mentioned this issue Oct 25, 2021
Closed
9 tasks
@justjanne justjanne mentioned this issue Apr 14, 2022
Closed
@turt2live turt2live added S-Minor Impairs non-critical functionality or suitable workarounds exist A-Media O-Uncommon Most users are unlikely to come across this or unexpected workflow and removed P2 labels Dec 7, 2022
@hex-m

This comment was marked as off-topic.

Sign in to view
@t3chguy
Copy link
Member

t3chguy commented Mar 13, 2023

@hex-m unrelated to this issue - #2581

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
A-Media A-Room-View O-Uncommon Most users are unlikely to come across this or unexpected workflow S-Minor Impairs non-critical functionality or suitable workarounds exist T-Defect
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@turt2live @t3chguy @hex-m @SethFalco