Manual:$wgMimeTypeBlacklist

From MediaWiki.org
Jump to navigation Jump to search
This page is a translated version of the page Manual:$wgMimeTypeBlacklist and the translation is 33% complete.

Other languages:
Deutsch • ‎English • ‎español • ‎français • ‎polski • ‎português • ‎日本語
MIME types: $wgMimeTypeBlacklist
Tipos MIME que rechazar cuando está activado $wgVerifyMimeType .
Introducido en la versión:1.5.0
Eliminado en la versión:aún se usa
Valores permitidos:(array of MIME types (strings))
Valor predeterminado:(véase más abajo)
Otros configuración: Alfabéticamente | Por Función

Detalles

Files with these MIME types will never be allowed as uploads if $wgVerifyMimeType is enabled.

Valor predeterminado

Versión de MediaWiki: 1.18

Valor predeterminado desde 1.18:

$wgMimeTypeBlacklist = array(
        # HTML may contain cookie-stealing JavaScript and web bugs
        'text/html', 'text/javascript', 'text/x-javascript', 'application/x-shellscript',
        # PHP scripts may execute arbitrary code on the server
        'application/x-php', 'text/x-php',
        # Other types that may be interpreted by some servers
        'text/x-python', 'text/x-perl', 'text/x-bash', 'text/x-sh', 'text/x-csh',
        # Client-side hazards on Internet Explorer
        'text/scriptlet', 'application/x-msdownload',
        # Windows metafile, client-side vulnerability on some systems
        'application/x-msmetafile',
);
  • 'application/x-opc+zip', 'application/msword', 'application/vnd.ms-powerpoint', 'application/vnd.msexcel' were blacklisted after 1.17.0 (r81376), and removed in r82783
  • 'application/x-opc+zip', 'text/scriptlet', 'application/x-msdownload' were introduced after 1.5.5
  • 'application/x-msmetafile' was added in 1.5.5
  • 'application/zip' was added in 1.14 and then removed in 1.18
  • All other values were available since the setting was introduced in 1.5.0