[OPINION/share yours] Should we limit file types in the file uploader? #45
Comments
I think this is a good consideration to take, I feel that perhaps a default "accepted file type" list would be low cost to size and easily modifiable if the admin feels the desire to upload other filetypes after install. |
Thank you for your input @anolis, always appreciated. A default accepted file type list is indeed low cost to size. As far as I understand your input, you are FOR a short list of allowed file-types, which can be modified later by the admin with a functions.php file, if they wanted to allow more file-types? |
Yes, exactly thumbs up to that. |
Thank you @anolis. Asking for additional opinions and would like to later close this issue and apply the general opinion.
|
I also agree with @anolis |
I will self assign on this issue. How does this list seem to you guys as the "default accepted" file types? Edited list is a couple of posts lower |
My list: gif, jpg, jpeg, png, svg, ico |
Thanks @Tangol! Full list with added svg, flv, mkv, webm, ogg, ogv, rar, txt, kdbx and ods, alongside with their mime types.
Any other suggestions you'd like to see on the list above?I'll be implementing this allow list with the mentioned release. |
Closing this issue as we have implemented this list with today's 2.4.0 version.
|
Short discussion description
Below are arguments for and against this uploading any file type feature
Arguments to keep this feature (uploading any files)
Arguments to limit this feature to just uploading pictures
How can the user be compromised?
What happens when an user in a shared environment gets compromised?
The text was updated successfully, but these errors were encountered: