Last modified: 2012-04-12 13:54:11 UTC

Wikimedia Bugzilla is closed!

Wikimedia migrated from Bugzilla to Phabricator. Bug reports are handled in Wikimedia Phabricator.
This static website is read-only and for historical purposes. It is not possible to log in and except for displaying bug reports and their history, links might be broken. See T26731, the corresponding Phabricator task for complete and up-to-date bug report information.
Bug 24731 - certain file types are blocked for uploading
certain file types are blocked for uploading
Status: RESOLVED DUPLICATE of bug 23583
Product: MediaWiki
Classification: Unclassified
Uploading (Other open bugs)
1.16.x
All All
: Normal normal (vote)
: ---
Assigned To: Nobody - You can work on this!
:
Depends on: 23583
Blocks:
  Show dependency treegraph
 
Reported: 2010-08-08 22:16 UTC by Florian Effenberger
Modified: 2012-04-12 13:54 UTC (History)
5 users (show)

See Also:
Web browser: ---
Mobile Platform: ---
Assignee Huggle Beta Tester: ---


Attachments

Description Florian Effenberger 2010-08-08 22:16:10 UTC
The relevant parts of my LocalSettings.php read as follows:

$wgEnableUploads       = true;
$wgUploadSizeWarning = 0;
$wgMaxUploadSize = 33554432;
$wgUseAjax = true;
$wgCheckFileExtensions = false;
$wgStrictFileExtensions = false;
$wgVerifyMimeType = false;

Although this should allow uploading of all file types, I cannot upload PDF or ODF documents with this configuration. After choosing them in Firefox 3.6 as upload, nothing happens, the input box stays empty, no error message.

I have to explicitly add

$wgFileExtensions[] = 'pdf';
$wgFileExtensions[] = 'odt';
$wgFileExtensions[] = 'ods';
$wgFileExtensions[] = 'odp';

so it works. Looks like a bug to me.
Comment 1 Platonides 2010-08-08 22:22:24 UTC
odt, ods and odp could be hitting the zip blacklist. There shouldn't be such problem for pdfs, though.

(and as you probably know, doing it this way is insecure)
Comment 2 Florian Effenberger 2010-08-09 09:34:46 UTC
PDFs don't work either. However, I thought with my above settings, the blacklist should be out of effect?

"Files with these mime types will never be allowed as uploads if $wgVerifyMimeType is enabled."
and
"Files with these extensions will never be allowed as uploads if $wgCheckFileExtensions is set to true."

As VerifyMimeType is set to false, and CheckFileExtensions is set to false, no blacklist should be in effect?
Comment 3 Chad H. 2010-08-10 16:53:57 UTC
If I remember correctly, the ZIP checks can't be disabled without changing the code.
Comment 4 Florian Effenberger 2010-08-10 19:15:54 UTC
Then it should be documented in the wiki, I guess. However, it doesn't explain why PDF doesn't work.
Comment 5 Florian Dufour 2010-08-19 16:37:52 UTC
Seems to be related to bug #23583 (/skins/common/upload.js does not consider wgCheckFileExtensions)
Comment 6 Platonides 2010-08-20 20:55:11 UTC
Does it upload with javascript disabled in the browser?
Comment 7 Florian Effenberger 2010-08-21 10:59:11 UTC
Indeed, it does. Just tried to upload ODF (OpenDocument Formula). With JS enabled in FF 3.6, upload doesn't work, with disabled JS it works like a charm.
Comment 8 Brion Vibber 2011-01-02 20:48:05 UTC
Resolving as dupe of bug 23583 rather than a dependency.

*** This bug has been marked as a duplicate of bug 23583 ***

Note You need to log in before you can comment on or make changes to this bug.


Navigation
Links