gitea

Commit Graph

Author	SHA1	Message	Date
Kemal Zebari	7adc4717ec	Include file extension checks in attachment API (#32151 ) From testing, I found that issue posters and users with repository write access are able to edit attachment names in a way that circumvents the instance-level file extension restrictions using the edit attachment APIs. This snapshot adds checks for these endpoints.	4 months ago

Author

SHA1

Message

Date

Kemal Zebari

7adc4717ec

Include file extension checks in attachment API (#32151 )

From testing, I found that issue posters and users with repository write
access are able to edit attachment names in a way that circumvents the
instance-level file extension restrictions using the edit attachment
APIs. This snapshot adds checks for these endpoints.

1 Commits (48183d2b05e2f71f16289d994a11c5fa0e6b4e69)