[wp-trac] [WordPress Trac] #45633: finfo_file() returns text/plain for json file instead of application/json
WordPress Trac
noreply at wordpress.org
Thu Dec 13 21:42:12 UTC 2018
#45633: finfo_file() returns text/plain for json file instead of application/json
----------------------------+-----------------------------
Reporter: tabrisrp | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Upload | Version: 5.0.1
Severity: normal | Keywords:
Focuses: administration |
----------------------------+-----------------------------
In our plugin, to offer an import/export feature of the settings, we were
relying on a json file as a way to save them, and allowing json upload
using the upload_mimes filter.
With the security update in 5.0.1, additional validation is performed in
wp_check_filetype_and_ext() to determine the real type of an uploaded
file.
The issue is that a json file uploaded will return a application/json mime
type from wp_check_filetype(), but a text/plain mime type by finfo_file().
So the new verification will always fail for json files, even though the
file itself is fine, and allowed using the filter.
Currently I don't see any workaround allowing a json file to be uploaded
without recreating a complete custom upload logic.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/45633>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list