#11051 closed defect (bug) (fixed)
Add .flv to the upload whitelist
Reported by: | rustang289 | Owned by: | |
---|---|---|---|
Milestone: | 2.9 | Priority: | normal |
Severity: | normal | Version: | 2.8.5 |
Component: | Upload | Keywords: | has-patch |
Focuses: | Cc: |
Description
After doing the wordpress update from WordPress 2.8.4 to ver 2.8.5
I get an error "File type does not meet security guidelines. Try another." while trying to upload a media file .flv. The upload works fine on verion 2.8.4 . I did a fresh wordpress install of 2.8.4 and had no problems I then did an imidiate upgrade to 2.8.5 and tried to upload the same file again and thats when I got the error. There are no plugins installed and no extra themes.
Attachments (2)
Change History (10)
#1
@
15 years ago
- Milestone Unassigned deleted
- Resolution set to invalid
- Status changed from new to closed
#2
@
15 years ago
- Keywords needs-patch added
- Milestone set to 2.9
- Resolution invalid deleted
- Status changed from closed to reopened
Oh, I missed the fact you mentioned .flv
..
I think that should probably be added to the whitelist functionality.
Here are the current items whitelisted: http://core.trac.wordpress.org/browser/trunk/wp-includes/functions.php#L2229
#4
@
15 years ago
There is a plugin available which allows you to manage the list of white listed file types
#5
@
15 years ago
Mutliple other video formats and even swf is on the whitelist. Therfore flv should be as well. This will increase usability w/o the need to configure. Not that I'm such a flashy adobe fanboy, it's used by other apps as well, just to keep that clear.
Filename extension: .flv
Internet media type: video/x-flv
Source
I added it to the list in the patch.
This is a "new" security function, Only whitelisted filetypes may be uploaded by all users (admins included), Previously, This only applied to non-administrators.
See #10692 for where it was done, and a link to a plugin to add file types to the whitelist.
Feel free to open tickets to add any other safe files which should be whitelisted.
To restore pre-2.8.5 behaviour, you may add this to the wp-config.php file: