Wikimedia Bugzilla is closed!

Wikimedia migrated from Bugzilla to Phabricator. Bug reports are handled in Wikimedia Phabricator.
This static website is read-only and for historical purposes. It is not possible to log in and except for displaying bug reports and their history, links might be broken. See T21355, the corresponding Phabricator task for complete and up-to-date bug report information.

Bug 19355 - $wgFileBlacklist should include 'xhtml'

Summary:	$wgFileBlacklist should include 'xhtml'

Status: RESOLVED FIXED Product: MediaWiki Classification: Unclassified Component: Uploading (Other open bugs) Version: 1.16.x Hardware: All All Importance: Normal normal (vote) Target Milestone: --- Assigned To: Brion Vibber URL: Whiteboard: Keywords: easy Depends on: Blocks:   Show dependency tree / graph		Reported: 2009-06-22 22:27 UTC by Lee Worden Modified: 2009-07-19 19:42 UTC (History) CC List: 0 users See Also: Web browser: --- Mobile Platform: --- Assignee Huggle Beta Tester: ---

Attachments Add an attachment (proposed patch, testcase, etc.)

Description Lee Worden 2009-06-22 22:27:04 UTC Along with the other html filetypes, .xhtml uploads should be blacklisted by default, because they could be a threat on a WM site that uses application/xhtml+xml, or even one that doesn't. Comment 1 Brion Vibber 2009-07-19 19:42:26 UTC .xhtml and .xht added in r53487