[ofbiz-framework] 01/03: Improved: Secure the uploads (OFBIZ-12080)
This is an automated email from the ASF dual-hosted git repository. jleroux pushed a commit to branch release22.01 in repository https://gitbox.apache.org/repos/asf/ofbiz-framework.git commit 4f71f851db2d95113b712b385734401a2a5f0149 Author: Jacques Le Roux AuthorDate: Sat May 21 10:05:02 2022 +0200 Improved: Secure the uploads (OFBIZ-12080) Attachments to order can be also documents. Accepting only images did not prevent it, you can always bypass that, but it clarifies things. Also improves the ContentUploadFileTypeNotMatch English label --- applications/content/config/ContentUiLabels.xml | 4 ++-- applications/order/template/order/AddOrderAttachments.ftl | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/applications/content/config/ContentUiLabels.xml b/applications/content/config/ContentUiLabels.xml index 38537546ea..3ebd05f03a 100644 --- a/applications/content/config/ContentUiLabels.xml +++ b/applications/content/config/ContentUiLabels.xml @@ -3141,7 +3141,7 @@ 你沒有檢視本頁面的權限.(需要具備"CONTENTMGR_UPDATE"或"CONTENTMGR_ADMIN") -Upload file type not match your selected. +Upload file type not match your selection. Le type de fichier chargé ne correspond pas avec votre selection. Tipo file da caricare non corrisponde alla tua selezione. 選択したアップロードファイルの種類が一致しません。 @@ -7147,4 +7147,4 @@ 生成缺失的搜索引擎优化的网址 產生缺失的搜尋引擎優化的網址 - \ No newline at end of file + diff --git a/applications/order/template/order/AddOrderAttachments.ftl b/applications/order/template/order/AddOrderAttachments.ftl index 17033d8664..3955a5d40a 100644 --- a/applications/order/template/order/AddOrderAttachments.ftl +++ b/applications/order/template/order/AddOrderAttachments.ftl @@ -49,7 +49,7 @@ under the License. - +
[ofbiz-framework] 01/03: Improved: Secure the uploads (OFBIZ-12080)
This is an automated email from the ASF dual-hosted git repository. jleroux pushed a commit to branch trunk in repository https://gitbox.apache.org/repos/asf/ofbiz-framework.git commit bdf21f345029f6a25e562a6ecd7b0b5b91597563 Author: Jacques Le Roux AuthorDate: Sat May 21 10:05:02 2022 +0200 Improved: Secure the uploads (OFBIZ-12080) Attachments to order can be also documents. Accepting only images did not prevent it, you can always bypass that, but it clarifies things. Also improves the ContentUploadFileTypeNotMatch English label --- applications/content/config/ContentUiLabels.xml | 4 ++-- applications/order/template/order/AddOrderAttachments.ftl | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/applications/content/config/ContentUiLabels.xml b/applications/content/config/ContentUiLabels.xml index 38537546ea..3ebd05f03a 100644 --- a/applications/content/config/ContentUiLabels.xml +++ b/applications/content/config/ContentUiLabels.xml @@ -3141,7 +3141,7 @@ 你沒有檢視本頁面的權限.(需要具備"CONTENTMGR_UPDATE"或"CONTENTMGR_ADMIN") -Upload file type not match your selected. +Upload file type not match your selection. Le type de fichier chargé ne correspond pas avec votre selection. Tipo file da caricare non corrisponde alla tua selezione. 選択したアップロードファイルの種類が一致しません。 @@ -7147,4 +7147,4 @@ 生成缺失的搜索引擎优化的网址 產生缺失的搜尋引擎優化的網址 - \ No newline at end of file + diff --git a/applications/order/template/order/AddOrderAttachments.ftl b/applications/order/template/order/AddOrderAttachments.ftl index 17033d8664..3955a5d40a 100644 --- a/applications/order/template/order/AddOrderAttachments.ftl +++ b/applications/order/template/order/AddOrderAttachments.ftl @@ -49,7 +49,7 @@ under the License. - +
