lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix regression in website module to get javascript files

Browse Source
This commit is contained in:
Laurent Destailleur 2020-09-17 20:55:20 +02:00
parent 0f0e4feeaf
commit f5908c29da
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
htdocs/document.php
View File

@ -157,7 +157,8 @@ $type = 'application/octet-stream'; // By default
if (GETPOST('type', 'alpha')) $type = GETPOST('type', 'alpha'); if (GETPOST('type', 'alpha')) $type = GETPOST('type', 'alpha');
else $type = dol_mimetype($original_file); else $type = dol_mimetype($original_file);
// Security: Force to octet-stream if file is a dangerous file. For example when it is a .noexe file // Security: Force to octet-stream if file is a dangerous file. For example when it is a .noexe file
if (!dolIsAllowedForPreview($original_file)) { // We do not force if file is a javascript to be able to get js from website module with <script src="
if (! in_array($type, array('text/x-javascript')) && !dolIsAllowedForPreview($original_file)) {
$type = 'application/octet-stream'; $type = 'application/octet-stream';
} }