https://bugzilla.wikimedia.org/show_bug.cgi?id=56178
--- Comment #7 from Chris Steipp <[email protected]> ---

includes/Helpers/FileChecks.php
* mimeTypeAndExtensionMatch doesn't ensure mime = extension. mimeTypeAndExtensionMatch() should use MimeMagic::isMatchingExtension()
* It looks like this is only used for the xml metadata. If so, can you please document that in the code?

includes/Jobs/UploadMetadataJob.php
* The variables put into the $_POST global state can be anything, since the whitelisting for MetadataMappingHandler is based on the templates, which are user-controlled. If you need arbitrary values to be input from the form, you need to use something other than $_POST to pass the state to the dependent objects.

includes/Php/File.php
* Use MimeMagic for mimetype detection

includes/Handlers/UploadHandler.php
* Remove augmentAllowedExtensions if it's unused

includes/Handlers/Xml/XmlDetectHandler.php
* getButtonRowNoMetadata, getFirstRow use Sanitizer::escapeId for html id attr
* xml_validator.asp needs to be an external link

includes/Handlers/Forms/MetadataMappingHandler.php
* no access control on who can access files in the backend?

includes/Forms/PreviewForm.php
* Can getPostAsHiddenFields only return a whitelist of fields?

includes/Adapters/Php/MediawikiTemplatePhpAdapter.php
* Should use a derivative request object instead of curling the api. If this isn't possible for some reason, it needs to use https instead of http.

includes/Adapters/Php/MappingPhpAdapter.php
* Needs to check if the user has access, or get FOR_PUBLIC

== Not security related ==

table-create-gwtoolset-mediawiki-templates.sql
* missing hooks for update.php

includes/Handlers/Forms/MetadataMappingHandler.php
* Checking for PHP_SAPI = 'cli' seems like the wrong way to check if this is running from a job
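Added example, not code from the GWToolset extension or from the reviewer's comment: one way a strict FileChecks-style mime/extension check could be built on MediaWiki core's MimeMagic, so that the content-detected MIME type (not the file name) decides whether the declared extension is acceptable. The class and method name, the $declaredName and $tmpPath placeholders, and the choice to treat an unknown type as a mismatch are assumptions.

```php
<?php
// Added example (not part of the GWToolset extension or Chris Steipp's comment).
// Assumptions: the class/method names are hypothetical; MimeMagic::singleton(),
// guessMimeType() and isMatchingExtension( $extension, $mime ) are used as they
// exist in MediaWiki core, where isMatchingExtension() returns true, false, or
// null when the MIME type is unknown to it.

class StrictFileChecks {

	/**
	 * Detect the MIME type from the file's content (extension hints disabled)
	 * and return true only if MimeMagic agrees that $extension belongs to it.
	 *
	 * A null answer from isMatchingExtension() (unknown MIME type) is treated
	 * as a mismatch rather than a pass, so an unrecognised type cannot slip
	 * through the check just because the lookup had no opinion.
	 */
	public static function mimeTypeAndExtensionMatch( $path, $extension ) {
		$magic = MimeMagic::singleton();

		// Second argument false: classify by content, not by the file name.
		$mime = $magic->guessMimeType( $path, false );
		if ( $mime === 'unknown/unknown' ) {
			// Detection failed outright; do not fall back to trusting the name.
			return false;
		}

		$matches = $magic->isMatchingExtension( strtolower( $extension ), $mime );
		return $matches === true;
	}
}

// Usage (placeholders): reject an upload whose declared extension does not
// match what its bytes say it is.
$ext = pathinfo( $declaredName, PATHINFO_EXTENSION );
if ( !StrictFileChecks::mimeTypeAndExtensionMatch( $tmpPath, $ext ) ) {
	throw new MWException( 'MIME type and file extension do not match' );
}
```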
