all repos — honk @ 7593049d69fb25180dfe721256313037d4d414c3

my fork of honk 

mmore robust svg detection with bom fucks
Ted Unangst tedu@tedunangst.com
Tue, 03 Oct 2023 22:24:09 -0400
commit

7593049d69fb25180dfe721256313037d4d414c3

parent

87df21cf386831b24c9fbc8fbbe0e729e99bec0f

2 files changed, 14 insertions(+), 5 deletions(-)

jump to
M backend.gobackend.go 
@@ -61,18 +61,25 @@ func backendSockname() string {
 	return dataDir + "/backend.sock"
 }
 
+var bomFuck = []byte{0xef, 0xbb, 0xbf}
+
 func isSVG(data []byte) bool {
+	if bytes.HasPrefix(data, bomFuck) {
+		data = data[3:]
+	}
 	ct := http.DetectContentType(data)
-	if strings.HasPrefix(ct, "text/xml") {
-		return strings.Index(string(data), "<!DOCTYPE svg PUBLIC") != -1
-	}
-	if strings.HasPrefix(ct, "text/plain") {
-		return bytes.HasPrefix(data, []byte("<svg "))
+	if strings.HasPrefix(ct, "text/xml") || strings.HasPrefix(ct, "text/plain") {
+		if bytes.HasPrefix(data, []byte("<svg ")) || bytes.HasPrefix(data, []byte("<!DOCTYPE svg PUBLIC")) {
+			return true
+		}
 	}
 	return ct == "image/svg+xml"
 }
 
 func imageFromSVG(data []byte) (*image.Image, error) {
+	if bytes.HasPrefix(data, bomFuck) {
+		data = data[3:]
+	}
 	if len(data) > 100000 {
 		return nil, errors.New("my svg is too big")
 	}
M docs/changelog.txtdocs/changelog.txt 
@@ -2,6 +2,8 @@ changelog
 
 ### next
 
++ Fix handling of svg with bom fucks.
+
 + FastCGI listening.
 
 + Finally fix slow public queries.