[wp-trac] [WordPress Trac] #39550: Some Non-image files fail to upload after 4.7.1
WordPress Trac
noreply at wordpress.org
Tue Feb 14 23:13:58 UTC 2017
#39550: Some Non-image files fail to upload after 4.7.1
------------------------------------+------------------------
Reporter: greatislander | Owner: joemcgill
Type: defect (bug) | Status: assigned
Priority: normal | Milestone: 4.7.3
Component: Upload | Version: 4.7.1
Severity: critical | Resolution:
Keywords: has-patch dev-feedback | Focuses:
------------------------------------+------------------------
Comment (by blobfolio):
Replying to [comment:100 joemcgill]:
> Replying to [comment:98 blobfolio]:
>
> What we don't want to do is make `$mime_to_ext` a blanket whitelist of
mime-to-extension possibilities.
Definitely. I'm not suggesting making `$mime_to_ext` a blanket whitelist,
but the point of that particular block of code is to try and generate web-
able images where it can. That doesn't apply to any file types outside
`$mime_to_ext`. Because the outer check ("image/*") is looser than the
inner (the `$mime_to_ext` list), anything outside of that will be
irrevocably failed.
If an upload doesn't match the `$mime_to_ext` list, it is outside the
purview of that particular challenge and should be passed down the chain
to `finfo` and eventually `upload_mimes`.
It's one thing for WordPress to not explicitly image-ize unusual graphics
formats, but another to say, "Sorry, you can't use these at all no matter
what." Particularly with SVG, which is so prominent (even the core is
using some now, haha).
While it is possible to require both a hook into `upload_mimes` and
another into `wp_check_filetype_and_ext`, that seems both tedious and a
bit dangerous (it would be pushing people toward messing with a nuanced
and sensitive function they wouldn't otherwise have to).
--
Ticket URL: <https://core.trac.wordpress.org/ticket/39550#comment:101>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list