Make WordPress Core

Changes between Initial Version and Version 1 of Ticket #50136, comment 2


Ignore:
Timestamp:
05/10/2020 02:02:21 PM (4 years ago)
Author:
ayeshrajans
Comment:

Legend:

Unmodified
Added
Removed
Modified
  • Ticket #50136, comment 2

    initial v1  
    33`strpos( $ext_pattern, $ext ) !== false` <- This should block `tx` and `tx*` file extensions if `tx` in in the allow-list. Not the other way around that `txt` is allowed when `tx` is in the allow-list.
    44
    5 However, I think we probably should improve the `strpos` call to allow case sensitivity and check with proper word boundaries to make the comparison more strict.
     5However, I think we probably should improve the `strpos` call to allow case insensitivity and check with proper word boundaries to make the comparison more strict.
    66
    77`!preg_match('/\b' . preg_quote($ext, '/') . '\b/i')` would be a better check.