From bf9f644f76d27f7bb1c71643491a7efaf266822e Mon Sep 17 00:00:00 2001
From: adamsilverstein <adamsilverstein@earthboundhosting.com>
Date: Fri, 20 Mar 2026 09:59:22 -0700
Subject: [PATCH] Media: Allow HEIC/HEIF uploads when server lacks support

Bypass the `wp_prevent_unsupported_mime_type_uploads` check
for HEIC/HEIF images so they can be stored even when the
server's image editor doesn't support them. The client-side
canvas fallback handles processing using the browser's
native HEVC decoder via createImageBitmap().
---
 .../class-wp-rest-attachments-controller.php          | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/src/wp-includes/rest-api/endpoints/class-wp-rest-attachments-controller.php b/src/wp-includes/rest-api/endpoints/class-wp-rest-attachments-controller.php
index cb714d5a5de71..50467f788ada4 100644
--- a/src/wp-includes/rest-api/endpoints/class-wp-rest-attachments-controller.php
+++ b/src/wp-includes/rest-api/endpoints/class-wp-rest-attachments-controller.php
@@ -258,6 +258,17 @@ public function create_item_permissions_check( $request ) {
 			$prevent_unsupported_uploads = false;
 		}
 
+		// Always allow HEIC/HEIF uploads through even if the server's image
+		// editor doesn't support them. The client-side canvas fallback will
+		// handle processing using the browser's native HEVC decoder.
+		if (
+			$prevent_unsupported_uploads &&
+			! empty( $files['file']['type'] ) &&
+			wp_is_heic_image_mime_type( $files['file']['type'] )
+		) {
+			$prevent_unsupported_uploads = false;
+		}
+
 		// If the upload is an image, check if the server can handle the mime type.
 		if (
 			$prevent_unsupported_uploads &&