[wp-trac] [WordPress Trac] #15916: Please add .ics to security guidelines' "whitelist."
WordPress Trac
wp-trac at lists.automattic.com
Mon Dec 20 15:33:03 UTC 2010
#15916: Please add .ics to security guidelines' "whitelist."
-------------------------+-------------------------------------------------
Reporter: janas | Owner: janas
Type: defect | Status: new
(bug) | Milestone: Awaiting Review
Priority: normal | Version:
Component: Security | Keywords: .ics, iCal, calendar, file, export,
Severity: normal | upload, download, security guidelines,
| whitelist
-------------------------+-------------------------------------------------
I upload files (usually images for display, sometimes PDFs for download)
either from the WordPress dashboard ("Add New Media" on left column), or
from the "Add Media" button while editing a page ("Upload/Insert" above
the editing box).
The uploader uploads my ICS (iCal Export) file, then says in red: "File
type does not meet security guidelines. Try another."
I want to be able to upload our ICS file, for our fans to download and
import into their calendars if they choose. Personally, I frequently
download ICS files from Facebook event pages and other sources for import
into my own iCal—as a fan I find quite a handy time-saver.
ICS files are not executables, so I don't know that they could be used
maliciously.
Thank you.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/15916>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list