Restore the complete prohibition on action=raw with arbitrary script entry points.

While only MSIE is known to let the URL's "extension" override the allowed mime types, other browsers will still happily download a file with the name from the URL. That seems unwise as the content may be arbitrary (and perhaps executable).

diff --git a/includes/RawPage.php b/includes/RawPage.php
index f96c8b9..8b10693 100644 (file)
--- a/includes/RawPage.php
+++ b/includes/RawPage.php
@@ -126,8 +126,7 @@ class RawPage {
                        $url = $_SERVER['PHP_SELF'];
                }
                
-               $ua = @$_SERVER['HTTP_USER_AGENT'];
-               if( strcmp( $wgScript, $url ) && strpos( $ua, 'MSIE' ) !== false ) {
+               if( strcmp( $wgScript, $url ) ) {
                        # Internet Explorer will ignore the Content-Type header if it
                        # thinks it sees a file extension it recognizes. Make sure that
                        # all raw requests are done through the script node, which will