Last modified: 2011-11-21 08:46:48 UTC

Wikimedia Bugzilla is closed!

Wikimedia migrated from Bugzilla to Phabricator. Bug reports are handled in Wikimedia Phabricator.
This static website is read-only and for historical purposes. It is not possible to log in and except for displaying bug reports and their history, links might be broken. See T5675, the corresponding Phabricator task for complete and up-to-date bug report information.
First Last Prev Next    This bug is not in your last search results.
Bug 3675 - Detect which mime types can be recognized reliably
Detect which mime types can be recognized reliably
Status: NEW
Product: MediaWiki
Classification: Unclassified
Uploading (Other open bugs)
unspecified
All All
: Low enhancement (vote)
: ---
Assigned To: Nobody - You can work on this!
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2005-10-10 22:17 UTC by Daniel Kinzler
Modified: 2011-11-21 08:46 UTC (History)
2 users (show)

See Also:
Web browser: ---
Mobile Platform: ---
Assignee Huggle Beta Tester: ---

Attachments
patch for MimeMagic.php (6.42 KB, patch)
2005-10-10 22:17 UTC, Daniel Kinzler 		Details
trivial php script for testing the above patch conveniently (613 bytes, text/plain)
2005-10-10 22:19 UTC, Daniel Kinzler 		Details
Show Obsolete (2) Add an attachment (proposed patch, testcase, etc.)

Description Daniel Kinzler 2005-10-10 22:17:24 UTC 
This is a folloup to bug #3641: brion fixed my fix by requiring a matching mime
type only for types that are known to be recognized. How to determine which
types that are was left open. This patch adresses that caveat:

* The types recognized by PHPs GD library are always considered to be recognizable
* if an external command is used to determine the mime type via
$wgMimeDetectorCommand, the system's standard magic.mime file is parsed for
additional types. where that file can be found is determined by the
MM_MAGIC_MIME_FILE. The default value should work on most linux systems, but
would need to be overwritten by windows users.
* if the mime_magic or fileinfo extensions are present in PHP, the file
indicated by ini_get("mime_magic.magicfile") will be parsed for additional types.

I have tested this with and without $wgMimeDetectorCommand, but not with the
mime_magic or fileinfo extensions. 

patch to folow in a minute.
Comment 1 Daniel Kinzler 2005-10-10 22:17:54 UTC 
Created attachment 968 [details]
patch for MimeMagic.php
Comment 2 Daniel Kinzler 2005-10-10 22:19:21 UTC 
Created attachment 969 [details]
trivial php script for testing the above patch conveniently

put this into the installation root to get a list of all mimetypes and
file-extensions that are deemed recognizable.
Comment 3 Sam Reed (reedy) 2011-11-20 18:58:10 UTC 
Patch wouldn't apply cleanly

What's the state of play with this request now Daniel?
Comment 4 Daniel Kinzler 2011-11-21 08:46:48 UTC 
This patch is more than 6 years old :) Also, it was always kind of hackish. It was supposed to address the following issue:

* when a file is uploaded and mediawiki fails to detect its mime type, it is accepted withoput further checks.

* if we knew that the mime type of files with the given file extension *should* be detected, we could reject that file (but afaik we currently don't).

I'm a bit out of the loop, and don't have time to test right now, but I believe the problem still exist: garbage files that are detected as "unknown/unknown" can be uploaded with any file extension.

I think the simples solution would be to reject files that are recognized as "unknown/unknown" unless that extensions is whitelisted in a new config variable.

On a related note: the interaction of $wgCheckFileExtensions vs. $wgVerifyMimeType vs. $wgStrictFileExtensions is very unclear. The mime detection / file verification code needs a rewrite. Sorry for the mess, that stuff from 2005 is actually the first patch I contributed to mediawiki :)
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.

Navigation
Links