Skip to content
Permalink
Browse files

Remove text/html as a safe mimetype

The non-default safe mimetype in gerrit exists purely to proect installs
against setting this - when set, downloading a text/html file will
result in that file being rendered.

Change-Id: I648ada0b26aaf35ece9ef57f609b46f23f6e422a
  • Loading branch information...
greghaynes committed Jun 21, 2016
1 parent c785f75 commit 8573c2ee172f66c1667de49685c88fdc8883ca8b
Showing with 0 additions and 2 deletions.
  1. +0 −2 templates/gerrit.config.erb
@@ -202,8 +202,6 @@
safe = true
[mimetype "text/plain"]
safe = true
[mimetype "text/html"]
safe = true
[mimetype "text/x-puppet"]
safe = true
[mimetype "text/x-ini"]

0 comments on commit 8573c2e

Please sign in to comment.
You can’t perform that action at this time.