From 037af6890fe6fdb84a08d3c86083e847c90ec0ad Mon Sep 17 00:00:00 2001
From: Aleksander Machniak <alec@alec.pl>
Date: Tue, 22 Oct 2013 08:17:26 -0400
Subject: [PATCH] Fix vulnerability in handling _session argument of utils/save-prefs (#1489382)

---
 config/mimetypes.php |    7 +++++++
 1 files changed, 7 insertions(+), 0 deletions(-)

diff --git a/config/mimetypes.php b/config/mimetypes.php
index f0c1013..7665df3 100644
--- a/config/mimetypes.php
+++ b/config/mimetypes.php
@@ -1,5 +1,12 @@
 <?php
 
+/**
+ * Local mapping file to specify mime-types based on common file-name extensions
+ *
+ * Please note that this mapping takes precedence over the content-based mime-type detection
+ * and should only contain mappings which cannot be detected properly from the file contents.
+ */
+
 return array(
   'xls' => 'application/vnd.ms-excel',
   'xlm' => 'application/vnd.ms-excel',

--
Gitblit v1.9.1