From be633001a5d15d94ec6435e63e64b2e223e1e06c Mon Sep 17 00:00:00 2001
From: Pierre Goiffon
Date: Wed, 17 Nov 2021 11:12:54 +0100
Subject: [PATCH] =?UTF-8?q?Revert=20"N=C2=B04360=20Security=20hardening"?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This reverts commit 8adf743cc711c88320c77da850d0898798495593. We will implement a different solution later (hopefully for 2.6.5 / 2.7.6 / 3.0.0 as well)
---
 core/attributedef.class.inc.php | 5 -----
 core/dbobject.class.php | 11 +----------
 2 files changed, 1 insertion(+), 15 deletions(-)

diff --git a/core/attributedef.class.inc.php b/core/attributedef.class.inc.php
index 70936b9b8..21c31fdf2 100644
--- a/core/attributedef.class.inc.php
+++ b/core/attributedef.class.inc.php
@@ -7351,11 +7351,6 @@ class AttributeImage extends AttributeBlob
 {
 if ($value instanceof ormDocument && !$value->IsEmpty())
 {
- if ($value->GetMimeType() === 'image/svg+xml') {
- // N°4360 SVG can contain JavaScript...
- return false;
- }
-
 return ($value->GetMainMimeType() == 'image');
 }
 
diff --git a/core/dbobject.class.php b/core/dbobject.class.php
index 08b94c9c4..a8dd3ad59 100644
--- a/core/dbobject.class.php
+++ b/core/dbobject.class.php
@@ -1955,16 +1955,7 @@ abstract class DBObject implements iDisplay
 }
 if (!$oAtt->CheckFormat($toCheck))
 {
- $sErrorMessage = 'Wrong format';
- if ($oAtt instanceof AttributeDBFieldVoid) {
- $sErrorMessage .= " [$toCheck]";
- }
- if ($oAtt instanceof AttributeBlob) {
- /** @var $toCheck \ormDocument */
- $sErrorMessage .= ' ['.$toCheck->GetFileName().']';
- }
-
- return $sErrorMessage;
+ return "Wrong format [$toCheck]";
 }
 }
 else
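Review bot: The restored `return "Wrong format [$toCheck]";` in core/dbobject.class.php interpolates `$toCheck` for every attribute type, including the `AttributeBlob` case that the removed lines handled separately through `GetFileName()`. When `$toCheck` is an `ormDocument`, the text of the message depends on how that object converts to a string, which this hunk does not show. The value has just failed `CheckFormat()`, so it should be treated as unvalidated input by whatever displays the message; a comment above the return such as `// $toCheck failed CheckFormat(): callers must escape this message for their output context (N°4360)` would record that expectation until the replacement fix lands. The enclosing method starts and ends outside the hunk, so how the returned string is rendered cannot be confirmed from here.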