Skip to content

Commit

Permalink
Merge branch 'jn/mime-type-with-params'
Browse files Browse the repository at this point in the history 
* jn/mime-type-with-params:
  gitweb: Fix usability of $prevent_xss
  • Loading branch information
Junio C Hamano committed Jun 6, 2011
2 parents eca4f3b + bee6ea1 commit 2c6b5d8
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion gitweb/gitweb.perl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6127,7 +6127,7 @@ sub git_blob_plain {
# want to be sure not to break that by serving the image as an
# attachment (though Firefox 3 doesn't seem to care).
my $sandbox = $prevent_xss &&
$type !~ m!^(?:text/plain|image/(?:gif|png|jpeg))$!;
$type !~ m!^(?:text/plain|image/(?:gif|png|jpeg))(?:[ ;]|$)!;

print $cgi->header(
-type => $type,
Expand Down

0 comments on commit 2c6b5d8

Please sign in to comment.