Issues

ZF-9133: Special option that would allow to use mime-type from HTTP headers

Issue Type: Improvement Created: 2010-02-10T03:26:26.000+0000 Last Updated: 2010-02-12T03:45:42.000+0000 Status: Resolved Fix version(s): - 1.10.2 (24/Feb/10)

Reporter: Andrew Kozlov (bonch) Assignee: Thomas Weidner (thomas) Tags: - Zend_File_Transfer

Related issues: - ZF-8733

Attachments:

Description

Zend_File_Transfer_Adapter_Abstract::_detectMimeType() method does not check the mime-type using HTTP headers, that may be quite safe if you are use a web server module, such as mod_mime_magic. I propose to add a special option that would allow to use mime-type from HTTP headers ($_FILES array).

Comments

Posted by Thomas Weidner (thomas) on 2010-02-12T03:44:51.000+0000

For security reasons this has been removed in request by the dev team.

Therefor this issue is closed as won't fix.

Posted by Thomas Weidner (thomas) on 2010-02-12T03:45:42.000+0000

Related security issue

Have you found an issue?

See the Overview section for more details.

Copyright

© 2006-2016 by Zend, a Rogue Wave Company. Made with by awesome contributors.

This website is built using zend-expressive and it runs on PHP 7.

Contacts