Author: chris
Description:
The UploadForm::Verify() method will still fail really basic html files, even
when the extension is whitelisted, removed from the blacklist, and file
extensions aren't checked nor strict. The only way to upload html files was to
comment out the $this->verify() section of SpecialUpload.php (lines 210-212).
I'm deploying this mediawiki on my corporate intranet, so all users are trusted.
There should be some way to express this trust in the user settings, without
commenting out useful code like verify().
Version: 1.17.x
Severity: normal