:spakles: Minor improvements on svg uploading on libraries.

Mainly reject svgs that have doctype declaration for security reasons.

backend/src/app/media.clj

@@ -183,7 +183,7 @@
   (us/assert ::input input)
   (let [{:keys [path mtype]} input]
     (if (= mtype "image/svg+xml")
-      (let [info (some-> path slurp svg/pre-process svg/parse get-basic-info-from-svg)]
+      (let [info (some-> path slurp svg/parse get-basic-info-from-svg)]
         (when-not info
           (ex/raise :type :validation
                     :code :invalid-svg-file

backend/src/app/rpc/queries/svg.clj

@@ -54,6 +54,6 @@
   [data]
   (cond-> data
     (str/includes? data "<!DOCTYPE")
-    (str/replace #"<\!DOCTYPE[^>]+>" "")))
+    (str/replace #"<\!DOCTYPE[^>]*>" "")))
 
 (def pre-process strip-doctype)