diff --git src/wp-includes/functions.php src/wp-includes/functions.php
index 439a2a30ce..8c209ec6bf 100644
|
|
function wp_check_filetype_and_ext( $file, $filename, $mimes = null ) { |
2569 | 2569 | * This means that common mismatches are forgiven: application/vnd.apple.numbers is often misidentified as application/zip, |
2570 | 2570 | * and some media files are commonly named with the wrong extension (.mov instead of .mp4) |
2571 | 2571 | */ |
2572 | | |
2573 | 2572 | if ( substr( $real_mime, 0, strcspn( $real_mime, '/' ) ) !== substr( $type, 0, strcspn( $type, '/' ) ) ) { |
2574 | 2573 | $type = $ext = false; |
2575 | 2574 | } |
| 2575 | } elseif ( 'text/plain' === $real_mime ) { |
| 2576 | // A few common file types are occasionally detected as text/plain; allow those. |
| 2577 | if ( ! in_array( $type, array( |
| 2578 | 'text/plain', |
| 2579 | 'text/csv', |
| 2580 | 'text/richtext', |
| 2581 | 'text/tsv', |
| 2582 | 'text/vtt', |
| 2583 | ) ) |
| 2584 | ) { |
| 2585 | $type = $ext = false; |
| 2586 | } |
| 2587 | } elseif( 'text/rtf' === $real_mime ) { |
| 2588 | // Special casing for RTF files. |
| 2589 | if ( ! in_array( $type, array( |
| 2590 | 'text/rtf', |
| 2591 | 'text/plain', |
| 2592 | 'application/rtf', |
| 2593 | ) ) |
| 2594 | ) { |
| 2595 | $type = $ext = false; |
| 2596 | } |
2576 | 2597 | } else { |
2577 | 2598 | if ( $type !== $real_mime ) { |
2578 | 2599 | /* |
diff --git tests/phpunit/tests/functions.php tests/phpunit/tests/functions.php
index f76c342c2f..6a7c447c28 100644
|
|
class Tests_Functions extends WP_UnitTestCase { |
1230 | 1230 | } |
1231 | 1231 | |
1232 | 1232 | /** |
1233 | | * Data profider for test_wp_get_image_mime(); |
| 1233 | * Data provider for test_wp_get_image_mime(); |
1234 | 1234 | */ |
1235 | 1235 | public function _wp_get_image_mime() { |
1236 | 1236 | $data = array( |
… |
… |
class Tests_Functions extends WP_UnitTestCase { |
1336 | 1336 | 'proper_filename' => false, |
1337 | 1337 | ), |
1338 | 1338 | ), |
| 1339 | // Non-image file not allowed even if it's named like one. |
| 1340 | array( |
| 1341 | DIR_TESTDATA . '/export/crazy-cdata.xml', |
| 1342 | 'crazy-cdata.jpg', |
| 1343 | array( |
| 1344 | 'ext' => false, |
| 1345 | 'type' => false, |
| 1346 | 'proper_filename' => false, |
| 1347 | ), |
| 1348 | ), |
| 1349 | // Non-image file not allowed if it's named like something else. |
| 1350 | array( |
| 1351 | DIR_TESTDATA . '/export/crazy-cdata.xml', |
| 1352 | 'crazy-cdata.doc', |
| 1353 | array( |
| 1354 | 'ext' => false, |
| 1355 | 'type' => false, |
| 1356 | 'proper_filename' => false, |
| 1357 | ), |
| 1358 | ), |
| 1359 | // Assorted text/* sample files |
| 1360 | array( |
| 1361 | DIR_TESTDATA . '/uploads/test.vtt', |
| 1362 | 'test.vtt', |
| 1363 | array( |
| 1364 | 'ext' => 'vtt', |
| 1365 | 'type' => 'text/vtt', |
| 1366 | 'proper_filename' => false, |
| 1367 | ), |
| 1368 | ), |
| 1369 | array( |
| 1370 | DIR_TESTDATA . '/uploads/test.csv', |
| 1371 | 'test.csv', |
| 1372 | array( |
| 1373 | 'ext' => 'csv', |
| 1374 | 'type' => 'text/csv', |
| 1375 | 'proper_filename' => false, |
| 1376 | ), |
| 1377 | ), |
| 1378 | // RTF files. |
| 1379 | array( |
| 1380 | DIR_TESTDATA . '/uploads/test.rtf', |
| 1381 | 'test.rtf', |
| 1382 | array( |
| 1383 | 'ext' => 'rtf', |
| 1384 | 'type' => 'application/rtf', |
| 1385 | 'proper_filename' => false, |
| 1386 | ), |
| 1387 | ), |
1339 | 1388 | ); |
1340 | 1389 | |
1341 | 1390 | // Test a few additional file types on single sites. |