WordPress.org

Make WordPress Core

Opened 5 years ago

Closed 5 years ago

Last modified 3 years ago

#14521 closed enhancement (fixed)

"File type does not meet security guidelines" is a poor error message

Reported by: westi Owned by:
Milestone: 3.1 Priority: normal
Severity: normal Version: 3.0
Component: Upload Keywords: has-patch gsoc
Focuses: Cc:

Description

This message gives useless feedback to the user.

We should replace it with something which hints more on how to resolve the issue / why the upload is not allowed.

Attachments (2)

14521.diff (1.1 KB) - added by wojtek.szkutnik 5 years ago.
14521.patch (1.1 KB) - added by markmcwilliams 5 years ago.
updated patch with words from jane

Download all attachments as: .zip

Change History (14)

@wojtek.szkutnik5 years ago

comment:2 @wojtek.szkutnik5 years ago

  • Cc wojtek.szkutnik@… added
  • Keywords has-patch gsoc added; needs-patch removed

How about this one?

comment:3 @westi5 years ago

Better.

Not sure we should specifically mention a plugin.

Would also be nice to run the translation through a filter and pass some extra info as context so that in an environment where the list of allowed files is extended differently for different users filetype context sensitive messages could be displayed.

comment:4 @mrmist5 years ago

For a message intended for end-users I'm not convinced that talking about extending a whitelist with a plugin is really the best language. Most likely it would be non-admins seeing this message wouldn't it?

comment:5 @jane5 years ago

  • Keywords ux-feedback removed

I wouldn't mention a plugin.

"Sorry, this file type is not permitted for security reasons."

Ideally, this sentence would be followed by, "Please refer to the Codex for more information on allowed file types." Didn't see a good article on it in Codex with a quick search, though. If there is one, link to it from 'allowed file types'.

comment:6 @mrmist5 years ago

I've made a start on the Codex entry for this at

http://codex.wordpress.org/Plugin_API/Filter_Reference/upload_mimes

So feel free to link to that from any proposed alternative message.

@markmcwilliams5 years ago

updated patch with words from jane

comment:7 @markmcwilliams5 years ago

That updated patch only includes the wording from Jane, for starters I'm not 100% sure if there is a certain way you link to the codex or not (link not including the URK in the string?) If anyone wants to point me in the right direction, everything is appreicated!

comment:8 follow-up: @nacin5 years ago

We link directly to Codex pages. The URL should be within a translated string.

That said, we would never link to Plugin_API/Filter_Reference/upload_mimes. This should maybe become a section in the FAQ_Security or something, for an explanation.

comment:9 @mrmist5 years ago

Yep there would doubtless be better places to link to and different words to put around the subject... My edit was really because the Codex didn't have anything at all on it.

comment:10 in reply to: ↑ 8 @markmcwilliams5 years ago

Replying to nacin:

We link directly to Codex pages. The URL should be within a translated string.

Thanks for that info Nacin! :)

comment:11 @demetris5 years ago

  • Resolution set to fixed
  • Status changed from new to closed

14521.patch was committed in r16577. Closing ticket as fixed.

(By the way, I think we should stop introducing such messages with “Sorry”. There is no reason to be apologetic for such restrictions. But that’s another discussion.)

comment:12 @mcepl3 years ago

  • Cc mcepl added
Note: See TracTickets for help on using tickets.