From: Brion Vibber Date: Sat, 19 Jan 2008 01:18:23 +0000 (+0000) Subject: Restore the complete prohibition on action=raw with arbitrary script entry points. X-Git-Tag: 1.31.0-rc.0~49915 X-Git-Url: https://git.cyclocoop.org/%242?a=commitdiff_plain;h=da6377abb198b21f4241236c3420e9a4a21ccb53;p=lhc%2Fweb%2Fwiklou.git Restore the complete prohibition on action=raw with arbitrary script entry points. While only MSIE is known to let the URL's "extension" override the allowed mime types, other browsers will still happily download a file with the name from the URL. That seems unwise as the content may be arbitrary (and perhaps executable). --- diff --git a/includes/RawPage.php b/includes/RawPage.php index f96c8b91b0..8b10693889 100644 --- a/includes/RawPage.php +++ b/includes/RawPage.php @@ -126,8 +126,7 @@ class RawPage { $url = $_SERVER['PHP_SELF']; } - $ua = @$_SERVER['HTTP_USER_AGENT']; - if( strcmp( $wgScript, $url ) && strpos( $ua, 'MSIE' ) !== false ) { + if( strcmp( $wgScript, $url ) ) { # Internet Explorer will ignore the Content-Type header if it # thinks it sees a file extension it recognizes. Make sure that # all raw requests are done through the script node, which will
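Review bot: The comment kept directly under the new `if( strcmp( $wgScript, $url ) ) {` line still justifies the check only by Internet Explorer's handling of file extensions, although the condition no longer looks at the user agent and now applies to every client. Please extend that comment with the reason given in the commit message (other browsers will save the response under the name taken from the URL, and the content may be arbitrary), so that a later reader does not take the check for an IE-only workaround and reintroduce the user-agent test. A smaller style point on the same line: `strcmp()` used as a truth value reads inverted, since it is non-zero when the strings differ; `$wgScript !== $url` would state the intent directly.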