From b68b3b1f71c436937fb0657d1ab982afd5cfd7c0 Mon Sep 17 00:00:00 2001
From: Gabriel Wicke <gwicke@users.mediawiki.org>
Date: Wed, 28 Apr 2004 20:29:47 +0000
Subject: [PATCH] content-type restrictions

---
 includes/RawPage.php | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/includes/RawPage.php b/includes/RawPage.php
index 8ed7bcee0e..7aaa9e8372 100644
--- a/includes/RawPage.php
+++ b/includes/RawPage.php
@@ -9,10 +9,16 @@ class RawPage {
 
 	function RawPage( $article ) {
 		global $wgRequest, $wgInputEncoding;
+		$allowedCTypes = array('text/plain', 'text/javascript', 'text/css');
 		$this->mArticle =& $article;
 		$this->mTitle =& $article->mTitle;
 		$ctype = $wgRequest->getText( 'ctype' );
-		$this->mContentType = !empty($ctype)?$ctype:'text/plain';
+		if(empty($ctype) or !in_array($ctype, $allowedCTypes)) {
+			$this->mContentType = 'text/plain';
+		} else {
+			$this->mContentType = $ctype;
+		}
+			
 		$charset = $wgRequest->getText( 'charset' );
 		$this->mCharset = !empty($charset) ? $charset : $wgInputEncoding;
 		$this->mOldId = $wgRequest->getInt( 'oldid' );
-- 
2.20.1