Pre-selected file types

  • Resolved Gerinho

    (@ginhofresh)


    3 years ago

    @davideairaghi first of all, thanks for creating this plugin. It makes having client-side control over individual file types via UI a breeze.

    I have two questions regarding security:

    1.) Upon install these are always pre-activated: .bz2|.tgz|.txz|.xz
    Why is that? Is it for WordPress core, updates, etc? I believe all are compressed packages file types and as far I can reason then these must be active for WordPress core & updates. But I’m not sure and if they’re optional, I’d rather turn them off to minimize potential attacking surface.

    2.) Currently using it with WP v5.8.2
    Although the plugin not updated for a while; is it still safe & compatible to use nowadays? I do have some server-side security in place, but as I said above, this little plugin makes control & overview a bit easier to work with from the client side.

    • This topic was modified 3 years ago by Gerinho. Reason: laying out questions and comments more clearly
Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Author davide.airaghi

    (@davideairaghi)

    1) those types are enabled to make sure compressed archives that are standard ones on *nix platforms are accepted
    2) i released a new version compatible with WP 5.8.2, waiting for WP team’s approval

    Thread Starter Gerinho

    (@ginhofresh)

    Many thanks for replying @davideairaghi

    1.)
    Already had a hunch that this was the purpose. Though, I always disable them after activating the plugin, until now I haven’t noticed any troublesome errors by doing that. Is it vital to leave them on, e.g. for any (WP) core or server processes involved? Can I have missed and caused faulty processes by disabling them?

    2.)
    Ah, I see. Yesterday I’ve noticed the plugin was removed from WP Plugin repo and was a bit surprised, but now I know what’s the cause. Hopefully the new version gets approved.

    Plugin Author davide.airaghi

    (@davideairaghi)

    as far as i know it’s not a problem deselecting .bz2|.tgz|.txz|.xz ??

    Thread Starter Gerinho

    (@ginhofresh)

    Alright, thanks

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Pre-selected file types’ is closed to new replies.

Tags