* (bug 8989) Blacklist 'mhtml' and 'mht' files from upload

* Trim release note from bug 7997

diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index ab6672c..913830d 100644 (file)
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -64,9 +64,8 @@ it from source control: http://www.mediawiki.org/wiki/Download_from_SVN
 * Show result of Special:Booksources in wiki content language always, it's
   normally better maintained than the generic list from the standard message
   files
-* (bug 7997) Added ability of sysops to block users from sending e-mail via
-  Special:Emailuser. This can be disabled by setting $wgSysopEmailBans to
-  false.
+* (bug 7997) Allow users to be blocked from using Special:Emailuser
+* (bug 8989) Blacklist 'mhtml' and 'mht' files from upload
 
 == Bugfixes since 1.10 ==
 

diff --git a/includes/DefaultSettings.php b/includes/DefaultSettings.php
index 9830af4..379faab 100644 (file)
--- a/includes/DefaultSettings.php
+++ b/includes/DefaultSettings.php
@@ -1475,7 +1475,7 @@ $wgFileExtensions = array( 'png', 'gif', 'jpg', 'jpeg' );
 /** Files with these extensions will never be allowed as uploads. */
 $wgFileBlacklist = array(
        # HTML may contain cookie-stealing JavaScript and web bugs
-       'html', 'htm', 'js', 'jsb',
+       'html', 'htm', 'js', 'jsb', 'mhtml', 'mht',
        # PHP scripts may execute arbitrary code on the server
        'php', 'phtml', 'php3', 'php4', 'php5', 'phps',
        # Other types that may be interpreted by some servers