[wp-trac] [WordPress Trac] #24251: Reconsider SVG inclusion to get_allowed_mime_types
WordPress Trac
noreply at wordpress.org
Sat Feb 27 22:01:53 UTC 2016
#24251: Reconsider SVG inclusion to get_allowed_mime_types
---------------------------+------------------------------
Reporter: JustinSainton | Owner:
Type: enhancement | Status: reopened
Priority: normal | Milestone: Awaiting Review
Component: Upload | Version:
Severity: normal | Resolution:
Keywords: early | Focuses:
---------------------------+------------------------------
Comment (by chriscct7):
Replying to [comment:58 LewisCowles]:
> PHP 5.2's last release was announced on January 6, 2011
http://nl1.php.net/archive/2011.php#id2011-01-06-1, that is over five
years ago!
Also I'm not sure why the PHP version matters at all unless I've missed
something. The proof of concept doesn't sanitize all of the vectors
pointed out, regardless of PHP version. It was tested on a copy of PHP
5.6. That it is also not PHP 5.2 compatible isn't the bigger issue, the
larger issue is that it doesn't sanitize all of the vectors.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/24251#comment:60>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list