deadcxap/0x0
1
0
Fork 0
mirror of https://git.0x0.st/mia/0x0.git synced 2026-01-09 20:11:46 +03:00
Code Issues Packages Projects Releases Wiki Activity

Prevent unreasonably long MIME types

Browse Source
This commit is contained in:
Mia Herkt
2022-12-13 23:41:12 +01:00
parent 77801efd21
commit 57c4b6853f
1 changed files with 3 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
fhost.py
View File

@@ -227,6 +227,9 @@ class File(db.Model):
if mime in app.config["FHOST_MIME_BLACKLIST"] or guess in app.config["FHOST_MIME_BLACKLIST"]: if mime in app.config["FHOST_MIME_BLACKLIST"] or guess in app.config["FHOST_MIME_BLACKLIST"]:
abort(415) abort(415)
if len(mime) > 128:
abort(400)
if mime.startswith("text/") and not "charset" in mime: if mime.startswith("text/") and not "charset" in mime:
mime += "; charset=utf-8" mime += "; charset=utf-8"