This repository has been archived by the owner on May 26, 2020. It is now read-only.
Media Manager not outputing any error when trying to upload a zip file that contains php files #166
Labels
Milestone
Comments
ghost
mentioned this issue
|
Also for zipped HTML files, they can contain scripts that can mess things up |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Original-Issue by @compojoom at #10609
As far as I understand there is a new security feature that scans the content of a zip file uploaded through the media manager and forbids the upload if that zip file contains any php files.
In my case this is pretty stupid as I want people to upload zip files containing php code, but anyway. That's not the point of this issue here.
When uploading such an "incorrect" file I would expect to at least get an error message or at a warning. Instead the page just refreshes and no message is displayed.
Steps to reproduce the issue
Go to media manager. (make sure that you have set the zip file extension in the allowed extension types) Try to upload a zip file containing php files.
Expected result
The file should upload.
Actual result
The file doesn't upload and not error message is shown. The file list just refreshes.
System information (as much as possible)
Tested on several 3.5.1 installations
Additional comments
I tried to upload the test zip files here but GitHub says "unfortunately, we don't support that file type", which is also pretty confusing as ZIP is listed as a supported file type, but it's way better than joomla's omission of an error whatsoever.
The text was updated successfully, but these errors were encountered: