On 11/05/07, Oliver Schalch schalch@gmail.com wrote:
Aint $wgFileBlacklist has highest priority, so you have no way to upload files with extension in the blacklist, even if you add to $wgFileExtensions array.
I guess, he has to remove the 'cmd' from DefaultSettings.php...
The file blacklist is for your safety and your users' safety. Removing the extension from the blacklist would mean that a malicious user would be able to upload a Windows command line script (equivalent to a shell script) which could lead to execution rights on the client if downloaded, especially since Windows has an annoying habit of executing things left, right and centre.
You therefore remove this from the blacklist at your own risk.
Rob Church