https://bugzilla.wikimedia.org/show_bug.cgi?id=66667
Bug ID: 66667
Summary: Uppercase picture extensions like .PNG are not allowed
Product: MediaWiki
Version: unspecified
Hardware: All
OS: All
Status: UNCONFIRMED
Severity: major
Priority: Unprioritized
Component: General/Unknown
Assignee: [email protected]
Reporter: [email protected]
Web browser: Firefox
Mobile Platform: ---
Intention:
Upgrade some wikies to 1.23.0, some of them are 10 years old
Steps to Reproduce:
1. Make a new wiki
2. In apache, alias image dir to img_auth.php
3. Upload a picture with extension .PNG
4. Try to view picture when logged in. .png will work, .PNG won't.
Actual Results:
Apache give a 403 error with the following text:
Forbidden
Invalid file extension found in the path info or query string.
Expected Results:
The picture.
Reproducible: Always
In includes/libs/IEUrlExtension.php at line 120, the following line seems to be
the problem:
if ( !preg_match( '/^[a-zA-Z0-9_-]+$/', $extension ) ) {
I believe the '!' should be removed. This seems to be a fallback check for
correct extensions that instead of accepting normal alphanumerical extensions
instead accepts all non-alphanumerical extensions.
--
You are receiving this mail because:
You are the assignee for the bug.
You are on the CC list for the bug.
_______________________________________________
Wikibugs-l mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
![[Bug 66667] New: Uppercase picture extensions like .PNG are not allowed](/search?l=wikibugs-l@lists.wikimedia.org&q=subject:%22%5C%5BBug+66667%5C%5D+New%5C%3A+Uppercase+picture+extensions+like+.PNG+are+not%09allowed%22&o=newest){kind=link}
