This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "FusionForge".
The branch, master has been updated
via 8b00dacf337f9ce18275e13f1777f6ff7f8c4ec1 (commit)
from 6abfe941f5dcdc0b446c182af2911d0df4f61f5e (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
https://scm.fusionforge.org/anonscm/gitweb/?p=fusionforge/fusionforge.git;a=commitdiff;h=8b00dacf337f9ce18275e13f1777f6ff7f8c4ec1
commit 8b00dacf337f9ce18275e13f1777f6ff7f8c4ec1
Author: Marc-Etienne Vargenau <[email protected]>
Date: Tue Jul 5 12:35:31 2016 +0200
Allow jpeg as well as jpg
diff --git a/src/common/include/utils.php b/src/common/include/utils.php
index bd8826f..d815761 100644
--- a/src/common/include/utils.php
+++ b/src/common/include/utils.php
@@ -1702,7 +1702,7 @@ function utils_headers_download($filename, $mimetype,
$size) {
/* https://www.owasp.org/images/a/ac/PDF_XSS_vulnerability.pdf */
/*
https://groups.google.com/forum/#!topic/mozilla.dev.pdf-js/Fyl5RnaUWVc */
/* (PDF theoretically supports JS, not sure how pdf.js deals with that)
*/
- $authorized_inline = ',^(text/plain|image/png|image/jpg|image/gif)$,';
+ $authorized_inline = ',^(text/plain|image/png|image/jpe?g|image/gif)$,';
/* Disarm XSS-able text/html, and inline common text files (*.c,
*.pl...) */
$force_text_plain =
',^(text/html|text/.*|application/x-perl|application/x-ruby)$,';
-----------------------------------------------------------------------
Summary of changes:
src/common/include/utils.php | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
hooks/post-receive
--
FusionForge
_______________________________________________
Fusionforge-commits mailing list
[email protected]
http://lists.fusionforge.org/cgi-bin/mailman/listinfo/fusionforge-commits
