WordPress.org

Make WordPress Core

Changes between Initial Version and Version 1 of Ticket #17454, comment 1


Ignore:
Timestamp:
05/16/11 14:12:22 (3 years ago)
Author:
duck_
Comment:

Legend:

Unmodified
Added
Removed
Modified
  • Ticket #17454, comment 1

    initial v1  
    77}}} 
    88 
    9 That means that the uploaded file type has to be `application/octet-stream`. Again this seems insecure. You should probably use wp_check_file_type_and_ext() or wp_handle_upload(), don't really know enough about the use case to be sure. 
     9That means that the uploaded file type has to be `application/octet-stream` for the example filter in the thread you linked to which adds support for pub|psd|rdf. Or for a default, inbuilt file type like .docx it would have to be `application/vnd.openxmlformats-officedocument.wordprocessingml` which one of the other users posting had trouble with. I assume that the browsers aren't specifying these as the types. This still seems insecure. You should probably use wp_check_file_type_and_ext() or wp_handle_upload(), don't really know enough about the use case to be sure.