Skip to content
Permalink
Browse files Browse the repository at this point in the history
Fixing empty space at the end of a file name allowing dangerous files…
… to be uploaded.

Thank you to math1as from l-team for the disclosure and fix.

#276
  • Loading branch information
timbuckingham committed Apr 7, 2017
1 parent 4110a5b commit 8cf4212
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion core/inc/bigtree/apis/storage.php
Expand Up @@ -8,7 +8,7 @@ class BigTreeStorage {

var $AutoJPEG = false;
var $DisabledFileError = false;
var $DisabledExtensionRegEx = '/\\.(exe|com|bat|php|rb|py|cgi|pl|sh|asp|aspx)$/i';
var $DisabledExtensionRegEx = '/\\.(exe|com|bat|php|rb|py|cgi|pl|sh|asp|aspx)/i';
var $Service = "";
var $Cloud = false;
var $Settings;
Expand Down

0 comments on commit 8cf4212

Please sign in to comment.