Make WordPress Core

Changes between Initial Version and Version 1 of Ticket #39550, comment 101


Ignore:
Timestamp:
02/14/2017 11:14:45 PM (7 years ago)
Author:
blobfolio
Comment:

Legend:

Unmodified
Added
Removed
Modified
  • Ticket #39550, comment 101

    initial v1  
    44> What we don't want to do is make `$mime_to_ext` a blanket whitelist of mime-to-extension possibilities.
    55
    6 Definitely. I'm not suggesting making `$mime_to_ext` a blanket whitelist, but the point of that particular block of code is to try and generate web-able images where it can. That doesn't apply to any file types outside `$mime_to_ext`. Because the outer check ("image/*") is looser than the inner (the `$mime_to_ext` list), anything outside of that will be irrevocably failed.
     6Definitely. I'm not suggesting making `$mime_to_ext` a blanket whitelist, but the point of that particular block of code is to try and generate web-able images where it can. That doesn't apply to any file types outside `$mime_to_ext`. Because the outer check ("image/*") is looser than the inner (the `$mime_to_ext` list), anything in between will be irrevocably failed.
    77
    88If an upload doesn't match the `$mime_to_ext` list, it is outside the purview of that particular challenge and should be passed down the chain to `finfo` and eventually `upload_mimes`.