Page MenuHomePhabricator

Enforce Security Policies on Files / attachments
Closed, ResolvedPublic

Description

See upstream bug https://secure.phabricator.com/T4589

For our purposes I am going to try to implement a sane default policy for files and do so with minimal patching to upstream code.

Details

Reference
fl477

Event Timeline

flimport raised the priority of this task from to High.Sep 12 2014, 1:42 AM
flimport set Reference to fl477.

mmodell wrote on 2014-07-22 11:49:07 (UTC)

The Patch: https://gerrit.wikimedia.org/r/#/c/148360/

aklapper wrote on 2014-07-22 18:05:57 (UTC)

Does this additionally require fixing https://secure.phabricator.com/T5685 ?

mmodell wrote on 2014-07-23 18:26:17 (UTC)

@Aklapper: To fix it properly, yes. I'm going to attempt to develop a patch for https://secure.phabricator.com/T5685 and get it submitted for review upstream.

mmodell wrote on 2014-07-25 16:47:33 (UTC)

Work in progress: https://secure.phabricator.com/D10054

aklapper wrote on 2014-08-05 23:06:59 (UTC)

Status: https://gerrit.wikimedia.org/r/#/c/148360/ merged on our side and to be "updated" once https://secure.phabricator.com/T5685 sorted out (canCDN flag to be set).

mmodell wrote on 2014-08-11 17:39:28 (UTC)

All done upstream: https://secure.phabricator.com/T5685

importing issue status

flimport closed this task as Resolved.Sep 12 2014, 1:42 AM
flimport added a subscriber: mmodell.