Don't trust the browser-provided mimetype if it looks bogus.
Review Request #6118 — Created July 19, 2014 and submitted
A user was reporting that their PDF file uploads were being assigned the
mimetype of "text/text/application/pdf", which is completely bogus. If
splitting on '/' produces anything other than a list of two strings, don't
allow it to proceed.
Ran unit tests.
-
Tool: PEP8 Style Checker Processed Files: reviewboard/attachments/forms.py Tool: Pyflakes Processed Files: reviewboard/attachments/forms.py
- Commit:
-
9babf6f8c1312aac937622c62d0b88f974519969d1d8ec2c44f801c05f6aef13c683e0dd54017df8
- Diff:
-
Revision 3 (+12 -6)