Page MenuHomePhabricator

If a PNG is embedded in an SVG file, show a more specific warning than "dangerous href link" when trying to upload
Open, Needs TriagePublic

Description

I just imported a broken SVG, edited it and exported it via Adobe Photoshop. However, Photoshop then embeds a PNG in an href Base64-encoded...

Neither the SVG-Checker nor the Commons Upload assistant were able to tell me what's the real problem. This ended up in discussions and confusion on the dewp "Grafikwerkstatt".

I suggest to implement a check for this case:
If the following text is found in the file

"href="data:img/png;base64,"

-> tell the user that this is a PNG embedded into a SVG file.

Event Timeline

Der_Keks created this task.Mar 31 2020, 3:44 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptMar 31 2020, 3:44 PM
Restricted Application added a project: Commons. · View Herald TranscriptMar 31 2020, 4:38 PM

@Der_Keks: Did you manage to upload the file successfully? Or not? If not, what happened? If you did, what happened / is the resulting problem that makes you think that such a check should be in place? Please read and follow https://www.mediawiki.org/wiki/How_to_report_a_bug when reporting issues to avoid ambiguity. Thanks.

Der_Keks added a comment.EditedApr 1 2020, 11:52 AM

<s>Wrong template...</s>
That's not a bug, it's simply a feature request to check if the SVG file is an embedded PNG. I uploaded a file for you with a PNG embedded into a SVG.

@Der_Keks: I have no idea what you mean with "Wrong template...". Please explain.

So there are no problems at all when uploading such a file on Commons, and you just want people to realize that they do not upload an SVG which includes only text, and does not embed binary data, if I understand correctly?

Aklapper renamed this task from Warn if embedded PNG is uploaded as SVG to Warn if embedded PNG is uploaded in an SVG file when uploading an SVG file, so authors can realize.Apr 1 2020, 12:18 PM

Oh that was from my clipboard not for this task :)
First, there are problems which blocks the upload of this file but it's correct that this file is being blocked.
Please just try to upload this picture and you'll see a warning that blocks the upload because there is a dangerous href link in the SVG. The warning is correct but the problem behind isn't called. The problem is that the "normal" user will think he exported a "real" SVG from his programm. Open the attached file in the text editor and you'll see that this SVG is no SVG it's a PNG embedded into a XML structure. This is not what the user wants, because he wanted to upload a "real" SVG file. So it would be a great help for such users to be noticed with a better warning than the "dangerous href link"-warning. A warning that says "Guy, this is not a real SVG, it's an embedded PNG."

And so I looked up for criteria that matches for a "fake" SVG file. If there is an embedded SVG it always will be embedded with "href="data:img/png;base64,". This string will not appear in "real" SVG files. That's why I suggest the simple improvement to tell the user that it's not a real SVG if the string "href="data:img/png;base64," is found.

It had cost much edits and time on discussion pages to find the real problem. Since the authors invest their time voluntarily, they should not waste it. So I think it's a good idea to learn from the problem and use the gained experience in the automated checks of the upload wizard by adding an additional check that makes it clear even to the inexperienced user that this is not a real SVG file.

That's the reason why i am opening this task. That we improve the workflow by eliminating errors to save this time in the future.

Aklapper renamed this task from Warn if embedded PNG is uploaded in an SVG file when uploading an SVG file, so authors can realize to If a PNG is embedded in an SVG file, show a more specific warning than "dangerous href link" when trying to upload.Apr 3 2020, 6:42 PM
Aklapper removed a project: Wikimedia-SVG-rendering.

@Der_Keks: Thanks for the clarification, very appreciated!