WordPress.org

Make WordPress Core

Opened 2 months ago

Last modified 6 weeks ago

#54433 assigned defect (bug)

ALLOW_UNFILTERED_UPLOADS does not work anymore

Reported by: mssd19 Owned by:
Milestone: Awaiting Review Priority: normal
Severity: normal Version: 5.8.2
Component: Media Keywords:
Focuses: Cc:

Description

I previously added
define( 'ALLOW_UNFILTERED_UPLOADS', true );
to wp-config.php so that I could upload binary executable into the media library. These executable files are installers for the software my lab develops and which is used by thousands of users around the world.
As I am trying to release a new version I tried to upload the new installers and no matter what I do I get "Sorry, this file type is not permitted for security reasons".
I really see no reason why the site admin should be prevented to upload something into his own site.
I am using version 5.8.2 of wordpress which does not appear in the Version pull down below, and Avada and a multisite installation.

Change History (3)

#1 @dlh
2 months ago

  • Component changed from General to Media
  • Focuses administration multisite removed
  • Version trunk deleted

#2 @SergeyBiryukov
2 months ago

  • Version set to 5.8.2

#3 @mssd19
6 weeks ago

Hello

So what is happening with this ?
Why it is that a site administrator cannot upload a file ? This makes no sense to me.

my wp-config.php file contains

define('ALLOW_UNFILTERED_UPLOADS',true);

and my wp-content/themes/Avada/functions.php fiel contains

function my_custom_upload_mime_types( $mimes ) {
$mimes['py'] = 'text/x-python';
$mimes['exe'] = 'application/x-msdos-program';
$mimes['sh'] = 'text/x-sh';
$mimes['tgz'] = 'application/x-tar';
$mimes['msi'] = 'application/x-msi';
$mimes['wps'] = 'application/x-executable';
// Return the array back to the function with our added MIME type.
return $mimes;
}
add_filter( 'upload_mimes', 'my_custom_upload_mime_types' );

the .wps extension (i.e WordPress Sucks) was added as it is the only way I found to upload linux binaries, by adding the .wps extension ...

thanks

Last edited 6 weeks ago by johnbillion (previous) (diff)
Note: See TracTickets for help on using tickets.