From d90c0adce707a0277c8fd682117824f55bea1974 Mon Sep 17 00:00:00 2001 From: Rob Church Date: Thu, 7 Jun 2007 20:49:34 +0000 Subject: [PATCH] * (bug 8989) Blacklist 'mhtml' and 'mht' files from upload * Trim release note from bug 7997 --- RELEASE-NOTES | 5 ++--- includes/DefaultSettings.php | 2 +- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/RELEASE-NOTES b/RELEASE-NOTES index ab6672cccd..913830db8e 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -64,9 +64,8 @@ it from source control: http://www.mediawiki.org/wiki/Download_from_SVN * Show result of Special:Booksources in wiki content language always, it's normally better maintained than the generic list from the standard message files -* (bug 7997) Added ability of sysops to block users from sending e-mail via - Special:Emailuser. This can be disabled by setting $wgSysopEmailBans to - false. +* (bug 7997) Allow users to be blocked from using Special:Emailuser +* (bug 8989) Blacklist 'mhtml' and 'mht' files from upload == Bugfixes since 1.10 == diff --git a/includes/DefaultSettings.php b/includes/DefaultSettings.php index 9830af409b..379faab0e5 100644 --- a/includes/DefaultSettings.php +++ b/includes/DefaultSettings.php @@ -1475,7 +1475,7 @@ $wgFileExtensions = array( 'png', 'gif', 'jpg', 'jpeg' ); /** Files with these extensions will never be allowed as uploads. */ $wgFileBlacklist = array( # HTML may contain cookie-stealing JavaScript and web bugs - 'html', 'htm', 'js', 'jsb', + 'html', 'htm', 'js', 'jsb', 'mhtml', 'mht', # PHP scripts may execute arbitrary code on the server 'php', 'phtml', 'php3', 'php4', 'php5', 'phps', # Other types that may be interpreted by some servers -- 2.20.1