https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=42080
--- Comment #7 from David Cook <[email protected]> --- Created attachment 195246 --> https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=195246&action=edit Bug 42080: (follow-up) allow some file types, checked by libmagic, to be viewed inline This patch uses File::LibMagic to determine the real file type using libmagic and magic numbers of invoice files, and allows a select group of file types to be viewed inline for user convenience. Note that a default Content-Security-Policy is still included to offer an extra layer of protection against XSS. Test plan: 0a. Apply the patch 0b. koha-plack --restart kohadev 1. Enable the syspref AcqEnableFiles (ie set to Do) 2. Find or create an active vendor 3. Create a basket if one doesn't already exist 4. Receive a shipment for the vendor 5. Create an invoice 6. Click "Finish receiving" 7. Click "Manage invoice files" 8. Upload a range of files including SVG, PDF, PNG, TXT 9. Click on the "Download" button 10. Note that the file downloads for all types 11. Click on the link in the "Name" column 12. Note that only the PDF and PNG display inline in the browser. The other file types should be downloaded same as if you clicked the "Download" button. Signed-off-by: David Cook <[email protected]> -- You are receiving this mail because: You are watching all bug changes. _______________________________________________ Koha-bugs mailing list [email protected] https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-bugs website : http://www.koha-community.org/ git : http://git.koha-community.org/ bugs : http://bugs.koha-community.org/
