Previously if a file had a format, where we didn't have an
extension associated with it in mime.types, people could upload
it with any extension that is in $wgFileExtensions. This meant
people could upload a non-allowed file type if it had an allowed
extension, and the non-allowed file type didn't have a canonical
extension in mime.types
Bug: 39012
Change-Id: Ib373fafdfceceed65fbd23cf468f3c19196545c9
adding a new topic on a page
* (bug 41756) Improve treatment of multiple comments on a blank line.
* (bug 51064) Purge upstream caches when deleting file assets.
+* (bug 39012) File types with a mime that we do not know the extension for
+ can no longer be uploaded as an extension that we do know the mime type
+ for.
=== API changes in 1.22 ===
* (bug 25553) The JSON output formatter now leaves forward slashes unescaped
$match = $magic->isMatchingExtension( $extension, $mime );
if ( $match === null ) {
- wfDebug( __METHOD__ . ": no file extension known for mime type $mime, passing file\n" );
- return true;
+ if ( $magic->getTypesForExtension( $extension ) !== null ) {
+ wfDebug( __METHOD__ . ": No extension known for $mime, but we know a mime for $extension\n" );
+ return false;
+ } else {
+ wfDebug( __METHOD__ . ": no file extension known for mime type $mime, passing file\n" );
+ return true;
+ }
} elseif ( $match === true ) {
wfDebug( __METHOD__ . ": mime type $mime matches extension $extension, passing file\n" );