"Tim Starling" changed the status of MediaWiki.r109227 to "fixme" and commented it. URL: http://www.mediawiki.org/wiki/Special:Code/MediaWiki/109227#c29997
Old Status: new > New Status: fixme Commit summary for MediaWiki.r109227: Added php-cloudfiles (verbatim) with a thin MediaWiki extension wrapper around it. Custom modifications will also be maintained here. Tim Starling's comment: I think CloudFiles' use of finfo opens up a broad attack surface for security vulnerabilities. MediaWiki should specify a content type, using the same algorithm as that used by StreamFile.php. _______________________________________________ MediaWiki-CodeReview mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/mediawiki-codereview
