mirror of
https://we.phorge.it/source/phorge.git
synced 2024-12-24 06:20:56 +01:00
Allow upload of arbitrary text files
Summary: Fixes T8984. Because of how drag-and-drop upload works, the text file with content `code` is interpreted as a forbidden variable. Disable this check for the drop upload controller. (The risk here is a general one where the controller redirects and bundles paramters; this controller does not do that, so it's safe to make this change.) Test Plan: Uploaded a text file containing only the string "code" (no quotes) by using drag-and-drop. Reviewers: chad Reviewed By: chad Subscribers: epriestley Maniphest Tasks: T8984 Differential Revision: https://secure.phabricator.com/D13744
This commit is contained in:
parent
eb152d3053
commit
bbc1074ced
1 changed files with 6 additions and 0 deletions
|
@ -3,6 +3,12 @@
|
|||
final class PhabricatorFileDropUploadController
|
||||
extends PhabricatorFileController {
|
||||
|
||||
public function shouldAllowRestrictedParameter($parameter_name) {
|
||||
// Prevent false positives from file content when it is submitted via
|
||||
// drag-and-drop upload.
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
* @phutil-external-symbol class PhabricatorStartup
|
||||
*/
|
||||
|
|
Loading…
Reference in a new issue