mirror of
https://we.phorge.it/source/phorge.git
synced 2024-12-20 04:20:55 +01:00
Allow upload of arbitrary text files
Summary: Fixes T8984. Because of how drag-and-drop upload works, the text file with content `code` is interpreted as a forbidden variable. Disable this check for the drop upload controller. (The risk here is a general one where the controller redirects and bundles paramters; this controller does not do that, so it's safe to make this change.) Test Plan: Uploaded a text file containing only the string "code" (no quotes) by using drag-and-drop. Reviewers: chad Reviewed By: chad Subscribers: epriestley Maniphest Tasks: T8984 Differential Revision: https://secure.phabricator.com/D13744
This commit is contained in:
epriestley
parent
eb152d3053
commit
bbc1074ced
1 changed files with 6 additions and 0 deletions
|
|
@ -3,6 +3,12 @@
|
||||||
final class PhabricatorFileDropUploadController
|
final class PhabricatorFileDropUploadController
|
||||||
extends PhabricatorFileController {
|
extends PhabricatorFileController {
|
||||||
|
|
||||||
|
public function shouldAllowRestrictedParameter($parameter_name) {
|
||||||
|
// Prevent false positives from file content when it is submitted via
|
||||||
|
// drag-and-drop upload.
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @phutil-external-symbol class PhabricatorStartup
|
* @phutil-external-symbol class PhabricatorStartup
|
||||||
*/
|
*/
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue