User:Playnepal

$wgMimeTypeBlacklist= array( 'text/html', 'text/javascript', 'text/x-javascript', 'application/x-shellscript', 'application/x-php', 'text/x-php', 'text/x-python', 'text/x-perl', 'text/x-bash', 'text/x-sh', 'text/x-csh', 'application/x-msmetafile', ); $wgFileExtensions[] = 'zip';
 * 1) HTML may contain cookie-stealing JavaScript and web bugs
 * 1) PHP scripts may execute arbitrary code on the server
 * 1) Other types that may be interpreted by some servers
 * 1) Windows metafile, client-side vulnerability on some systems