1
0
mirror of https://github.com/vichan-devel/vichan.git synced 2024-11-27 17:00:52 +01:00

Improved IE MIME dtection XSS exploit regular expression

This commit is contained in:
Savetheinternet 2011-05-18 16:01:21 +10:00
parent 15f804bcff
commit 88a48c10d5

View File

@ -549,7 +549,7 @@
$config['ipv6_ipv4'] = true;
// Regular expression to check for IE MIME type detection XSS exploit. To disable, comment the line out
// https://github.com/savetheinternet/Tinyboard/issues/20
$config['ie_mime_type_detection'] = '/<(?:body|head|html|img|plaintext|pre|script|table|title|a href|channel|scriptlet)/';
$config['ie_mime_type_detection'] = '/<(?:body|head|html|img|plaintext|pre|script|table|title|a href|channel|scriptlet)/i';
// Allowed image file extensions
$config['allowed_ext'] = Array('jpg', 'jpeg', 'bmp', 'gif', 'png');