mahara-contributors team mailing list archive

[Mahara Bot <1855351@xxxxxxxxxxxxxxxxxx>]

Reviewed:  https://reviews.mahara.org/10645
Committed: https://git.mahara.org/mahara/mahara/commit/a064f3d60cc5ee7be39c66fce9a8d241ce286f5b
Submitter: Cecilia Vela Gurovic (ceciliavg@xxxxxxxxxxxxxxx)
Branch:    master

commit a064f3d60cc5ee7be39c66fce9a8d241ce286f5b
Author: Robert Lyon <robertl@xxxxxxxxxxxxxxx>
Date:   Fri Dec 6 12:33:53 2019 +1300

Bug 1855351: Allow restriction of file uploads to a whitelist

This patch allows:
- the setting of a whitelist via a config setting
- check if file extension is in the whitelist
- check if the mimetype matches expected mimetype

behatnotneeded

Change-Id: Ie20726870d45e5eff7bf076e55ec694145e7a7ac
Signed-off-by: Robert Lyon <robertl@xxxxxxxxxxxxxxx>

-- 
You received this bug notification because you are a member of Mahara
Contributors, which is subscribed to Mahara.
Matching subscriptions: Subscription for all Mahara Contributors -- please ask on #mahara-dev or mahara.org forum before editing or unsubscribing it!
https://bugs.launchpad.net/bugs/1855351

Title:
  Allow the site to restrict what files are allowed to be uploaded

Status in Mahara:
  Fix Committed

Bug description:
  Currently a site can allow users to upload any file type.

  But in some cases Mahara sites would want to restrict what can be
  uploaded to avoid users uploading malicious files or files that serve
  no purpose for portfolio creation, eg .bat or .exe files

  To avoid this we could have a config.php setting that whitelists what
  file extensions are ok and display to the user what files extensions
  are allowed

To manage notifications about this bug go to:
https://bugs.launchpad.net/mahara/+bug/1855351/+subscriptions