dépôts / lhc / web / wiklou.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 2ce2935) | patch
Disable $wgEnableImageWhitelist by default
authorKunal Mehta <legoktm@member.fsf.org>
Wed, 24 Oct 2018 22:39:53 +0000 (15:39 -0700)
committerKunal Mehta <legoktm@member.fsf.org>
Wed, 24 Oct 2018 22:39:53 +0000 (15:39 -0700)
commitd47e2822bc06ad8069718b76b3f228e9f6c0a218
tree6b71864aca4856d1eccdc78fb3d450854c934a25tree | snapshot
parent2ce2935c06723749106a0a896ad93b8e22c41185commit | diff
Disable $wgEnableImageWhitelist by default

This opens up a hole for administrators to load images from external resources,
potentially leaking user's private information to external servers (IP address,
User-Agent, etc.).

Change-Id: Ie780637b292493e664e4d54671a5bb81046106f4
RELEASE-NOTES-1.32 diff | blob | history
includes/DefaultSettings.php diff | blob | history
Wiklou, le Wiki du Wiklou