Merge "Don't try to verify XML well-formedness for partial SVG uploads"

diff --combined includes/upload/UploadBase.php
index 079c7f8,808b323..a278652
--- 1/includes/upload/UploadBase.php
--- 2/includes/upload/UploadBase.php
+++ b/includes/upload/UploadBase.php
@@@ -424,7 -424,7 +424,7 @@@ abstract class UploadBase 
         * @return mixed True of the file is verified, array otherwise.
         */
        protected function verifyFile() {
-               global $wgVerifyMimeType;
+               global $wgVerifyMimeType, $wgDisableUploadScriptChecks;
                wfProfileIn( __METHOD__ );
  
                $status = $this->verifyPartialFile();
@@@ -446,6 -446,18 +446,18 @@@
                        }
                }
  
+               # check for htmlish code and javascript
+               if ( !$wgDisableUploadScriptChecks ) {
+                       if ( $this->mFinalExtension == 'svg' || $mime == 'image/svg+xml' ) {
+                               $svgStatus = $this->detectScriptInSvg( $this->mTempPath, false );
+                               if ( $svgStatus !== false ) {
+                                       wfProfileOut( __METHOD__ );
+ 
+                                       return $svgStatus;
+                               }
+                       }
+               }
+ 
                $handler = MediaHandler::getHandler( $mime );
                if ( $handler ) {
                        $handlerStatus = $handler->verifyUpload( $this->mTempPath );
@@@ -504,7 -516,7 +516,7 @@@
                                return array( 'uploadscripted' );
                        }
                        if ( $this->mFinalExtension == 'svg' || $mime == 'image/svg+xml' ) {
-                               $svgStatus = $this->detectScriptInSvg( $this->mTempPath );
+                               $svgStatus = $this->detectScriptInSvg( $this->mTempPath, true );
                                if ( $svgStatus !== false ) {
                                        wfProfileOut( __METHOD__ );
  
@@@ -766,20 -778,13 +778,20 @@@
                $sizes = $wgUploadThumbnailRenderMap;
                rsort( $sizes );
  
 +              $file = $this->getLocalFile();
 +
                foreach ( $sizes as $size ) {
 -                      $jobs[] = new ThumbnailRenderJob( $this->getLocalFile()->getTitle(), array(
 -                              'transformParams' => array( 'width' => $size ),
 -                      ) );
 +                      if ( $file->isVectorized()
 +                              || $file->getWidth() > $size ) {
 +                                      $jobs[] = new ThumbnailRenderJob( $file->getTitle(), array(
 +                                              'transformParams' => array( 'width' => $size ),
 +                                      ) );
 +                      }
                }
  
 -              JobQueueGroup::singleton()->push( $jobs );
 +              if ( $jobs ) {
 +                      JobQueueGroup::singleton()->push( $jobs );
 +              }
        }
  
        /**
@@@ -1281,9 -1286,10 +1293,10 @@@
  
        /**
         * @param string $filename
+        * @param bool $partial
         * @return mixed False of the file is verified (does not contain scripts), array otherwise.
         */
-       protected function detectScriptInSvg( $filename ) {
+       protected function detectScriptInSvg( $filename, $partial ) {
                $this->mSVGNSError = false;
                $check = new XmlTypeCheck(
                        $filename,
@@@ -1293,7 -1299,8 +1306,8 @@@
                );
                if ( $check->wellFormed !== true ) {
                        // Invalid xml (bug 58553)
-                       return array( 'uploadinvalidxml' );
+                       // But only when non-partial (bug 65724)
+                       return $partial ? false : array( 'uploadinvalidxml' );
                } elseif ( $check->filterMatch ) {
                        if ( $this->mSVGNSError ) {
                                return array( 'uploadscriptednamespace', $this->mSVGNSError );