Last modified: 2011-06-09 07:47:08 UTC

Wikimedia Bugzilla is closed!

Wikimedia migrated from Bugzilla to Phabricator. Bug reports are handled in Wikimedia Phabricator.
This static website is read-only and for historical purposes. It is not possible to log in and except for displaying bug reports and their history, links might be broken. See T18414, the corresponding Phabricator task for complete and up-to-date bug report information.
Bug 16414 - Upload form should prevent submission of filename with disallowed extension
Upload form should prevent submission of filename with disallowed extension
Status: RESOLVED FIXED
Product: MediaWiki
Classification: Unclassified
Uploading (Other open bugs)
unspecified
All All
: Normal enhancement (vote)
: ---
Assigned To: Michael Dale
: patch
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2008-11-21 17:36 UTC by Brion Vibber
Modified: 2011-06-09 07:47 UTC (History)
6 users (show)

See Also:
Web browser: ---
Mobile Platform: ---
Assignee Huggle Beta Tester: ---


Attachments
patch for skin.php and upload.js (2.85 KB, patch)
2009-04-14 17:20 UTC, Michael Dale
Details

Description Brion Vibber 2008-11-21 17:36:13 UTC
Since the upload form already knows the acceptable and blacklisted file extensions, and what strictness criteria are in force, it would be nice if we could have the form JS check whether your extension is ok before you actually upload the file and have it rejected.
Comment 1 Siebrand Mazeland 2008-11-21 17:38:31 UTC
Could also be implemented server side when "$wgAjaxUploadDestCheck = true;", I guess.
Comment 2 Brion Vibber 2009-03-06 01:42:38 UTC
Another nice little one for the usability team to cut their teeth on. :)

(Note there are bigger changes to upload coming in a branch; CC'ing Michael Dale for reference.)
Comment 3 Michael Dale 2009-03-06 19:07:44 UTC
I believe the _extended_ commons upload js already checks for that sort of thing.  See: setFileExtensions() & checkFileExtension() in http://commons.wikimedia.org/w/index.php?title=MediaWiki:UploadForm.js&action=raw&ctype=text/javascript

But it would be much cleaner to pull those values from the server. Perhaps in conjunction with the destination file check ajax request. (if $wgAjaxUploadDestCheck is true as  Siebrand as points out)
Comment 4 Brion Vibber 2009-03-06 19:27:27 UTC
*nod* We're already putting the whitelisted extensions into UI, so it should be straightforward to put out the whitelisted & blacklisted extensions to JS. :)
Comment 5 Michael Dale 2009-04-14 17:20:11 UTC
Created attachment 6026 [details]
patch for skin.php and upload.js

... it does not appear that we where putting the whitelisted extensions into the UI after all... (added to skin.php for upload pages) 

Addds the js for the extension check to the fillDestFilename function. This patch has also been committed to the upload branch in r49470

<rant> 
Life will be easier once jQuery is supported by default.. such a pain to write javascript without that library :( I think the next patch will be the script loader and it will add in jQuery by default. 
</rant>
Comment 6 Michael Dale 2009-05-27 15:40:41 UTC
the fix to this bug has been re-factored into uploadPage.js as part of the js2 code refactoring. It integrates better with the firefogg support and has been committed to the new-upload branch
Comment 7 p858snake 2011-04-30 00:09:35 UTC
*Bulk BZ Change: +Patch to open bugs with patches attached that are missing the keyword*
Comment 8 Bryan Tong Minh 2011-05-15 11:58:41 UTC
Was fixed somewhere along the way.

Note You need to log in before you can comment on or make changes to this bug.


Navigation
Links