Open main menu

手册:$wgFileBlacklist

This page is a translated version of the page Manual:$wgFileBlacklist and the translation is 62% complete.
Outdated translations are marked like this.
Other languages:
English • ‎español • ‎français • ‎italiano • ‎magyar • ‎polski • ‎русский • ‎తెలుగు • ‎中文 • ‎日本語
上传: $wgFileBlacklist
不允许将具有这些扩展名的文件上传。
引进版本:1.2.0
移除版本:仍在使用
允许的值:(数组)
默认值:(见下文)

详情

当$CheckFileExtensions 设置为true时,带有这些后缀名的文件将不允许上传。

下方为它的默认值:

/**
 * Files with these extensions will never be allowed as uploads.
 * An array of file extensions to blacklist. You should append to this array
 * if you want to blacklist additional files.
 */
$wgFileBlacklist = [
  # HTML may contain cookie-stealing JavaScript and web bugs
	'html', 'htm', 'js', 'jsb', 'mhtml', 'mht', 'xhtml', 'xht',
  # PHP scripts may execute arbitrary code on the server
	'php', 'phtml', 'php3', 'php4', 'php5', 'phps', 'phar',
  # Other types that may be interpreted by some servers
	'shtml', 'jhtml', 'pl', 'py', 'cgi',
  # May contain harmful executables for Windows victims
	'exe', 'scr', 'dll', 'msi', 'vbs', 'bat', 'com', 'pif', 'cmd', 'vxd', 'cpl' ];

$wgFileBlacklist 优先于$wgFileExtensions ,所以您必须先从黑名单中移除该后缀名,然后才能上传具有该后缀名的文件。 举例来说,要允许用户上传可执行文件,请将下面的内容添加至LocalSettings.php 中:

$wgFileExtensions[] = 'exe';
$wgFileBlacklist = array_diff( $wgFileBlacklist, array ('exe') );

另请参阅