On Sep 17, 2004, at 10:50 PM, Aidan wrote:
And I've de-commented the disable in LocalSettings. The other file types work just fine, including the other ones I added, gif and pdf, but I can't get html files to work, it just tells me that ' ".html" is not a recommended image file format. '
.html is in the extension blacklist, since arbitrary HTML files can be used in cross-site scripting attacks to try to grab session and saved password cookies and such.
If you're sure you want to allow it, remove it from the blacklist.
-- brion vibber (brion @ pobox.com)