dépôts
/
lhc
/
web
/
wiklou.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
2fe05dc
)
Add .phar to $wgFileBlacklist as a paranoia measure
author
Brian Wolff
<bawolff+wn@gmail.com>
Fri, 22 Feb 2019 04:31:56 +0000
(
04:31
+0000)
committer
Brian Wolff
<bawolff+wn@gmail.com>
Fri, 22 Feb 2019 04:31:56 +0000
(
04:31
+0000)
Seems like it can't hurt.
Change-Id: I833dd95742d7de772833c738ca7f5403e57bc2f4
includes/DefaultSettings.php
patch
|
blob
|
history
diff --git
a/includes/DefaultSettings.php
b/includes/DefaultSettings.php
index
9286591
..
5ede118
100644
(file)
--- a/
includes/DefaultSettings.php
+++ b/
includes/DefaultSettings.php
@@
-940,7
+940,7
@@
$wgFileBlacklist = [
# HTML may contain cookie-stealing JavaScript and web bugs
'html', 'htm', 'js', 'jsb', 'mhtml', 'mht', 'xhtml', 'xht',
# PHP scripts may execute arbitrary code on the server
- 'php', 'phtml', 'php3', 'php4', 'php5', 'phps',
+ 'php', 'phtml', 'php3', 'php4', 'php5', 'phps',
'phar',
# Other types that may be interpreted by some servers
'shtml', 'jhtml', 'pl', 'py', 'cgi',
# May contain harmful executables for Windows victims