Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
[OPINION/share yours] Should we limit file types in the file uploader? #45
Short discussion description
Below are arguments for and against this uploading any file type feature
Arguments to keep this feature (uploading any files)
Arguments to limit this feature to just uploading pictures
How can the user be compromised?
What happens when an user in a shared environment gets compromised?
Thank you for your input @anolis, always appreciated.
A default accepted file type list is indeed low cost to size. As far as I understand your input, you are FOR a short list of allowed file-types, which can be modified later by the admin with a functions.php file, if they wanted to allow more file-types?
Full list with added svg, flv, mkv, webm, ogg, ogv, rar, txt, kdbx and ods, alongside with their mime types.
Any other suggestions you'd like to see on the list above?
I'll be implementing this allow list with the mentioned release.
Closing this issue as we have implemented this list with today's 2.4.0 version.