Page MenuHomePhabricator
Create Task
Maniphest T21355

$wgFileBlacklist should include 'xhtml'
Closed, ResolvedPublic
Actions

Description

Author: wonder

Description:
Along with the other html filetypes, .xhtml uploads should be blacklisted by default, because they could be a threat on a WM site that uses application/xhtml+xml, or even one that doesn't.

Version: 1.16.x
Severity: normal

Details

Reference
bz19355

Event Timeline

bzimport raised the priority of this task from to Medium.Nov 21 2014, 10:39 PM
bzimport added projects: MediaWiki-Uploading, good first task.
bzimport set Reference to bz19355.
bzimport created this task.Jun 22 2009, 10:27 PM
brooke added a comment.Jul 19 2009, 7:42 PM

.xhtml and .xht added in r53487

Gilles added a project: Multimedia.Dec 4 2014, 10:48 AM
Gilles moved this task from Untriaged to Done on the Multimedia board.
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits