From d35e691e72d358430abc8e99f5ba9eb374423b9f Mon Sep 17 00:00:00 2001
From: Peter Ivanov <peter@microweber.com>
Date: Fri, 8 Jul 2022 16:41:01 +0300
Subject: [PATCH] update

---
 .../App/functions/plupload.php                   | 16 ++++++++++++----
 1 file changed, 12 insertions(+), 4 deletions(-)

diff --git a/src/MicroweberPackages/App/functions/plupload.php b/src/MicroweberPackages/App/functions/plupload.php
index 244980968ce..5890b2ae9ff 100644
--- a/src/MicroweberPackages/App/functions/plupload.php
+++ b/src/MicroweberPackages/App/functions/plupload.php
@@ -563,17 +563,25 @@
                 }
 
             } else if ($ext === 'svg') {
-
+                $valid = false;
                 if (is_file($filePath)) {
                     $sanitizer = new \enshrined\svgSanitize\Sanitizer();
                     // Load the dirty svg
                     $dirtySVG = file_get_contents($filePath);
                      // Pass it to the sanitizer and get it back clean
-                    $cleanSVG = $sanitizer->sanitize($dirtySVG);
-                    file_put_contents($filePath, $cleanSVG);
+                    try {
+                        $cleanSVG = $sanitizer->sanitize($dirtySVG);
+                        $valid = true;
+                    } catch (\Exception $e) {
+                        $valid = false;
+                    }
+
+                    if ($valid) {
+                        file_put_contents($filePath, $cleanSVG);
+                    }
 
                 }
-               $valid = true;
+
 
             } else {
                 $valid = false;