forgejo/modules
silverwind cda44750cb
Attachments: Add extension support, allow all types for releases ()
* Attachments: Add extension support, allow all types for releases

- Add support for file extensions, matching the `accept` attribute of `<input type="file">`
- Add support for type wildcard mime types, e.g. `image/*`
- Create repository.release.ALLOWED_TYPES setting (default unrestricted)
- Change default for attachment.ALLOWED_TYPES to a list of extensions
- Split out POST /attachments into two endpoints for issue/pr and
  releases to prevent circumvention of allowed types check

Fixes: https://github.com/go-gitea/gitea/pull/10172
Fixes: https://github.com/go-gitea/gitea/issues/7266
Fixes: https://github.com/go-gitea/gitea/pull/12460
Ref: https://developer.mozilla.org/en-US/docs/Web/HTML/Element/input/file#Unique_file_type_specifiers

* rename function

* extract GET routes out of RepoMustNotBeArchived

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-10-05 01:49:33 -04:00
..
analyze
auth hCaptcha Support () 2020-10-02 23:37:53 -04:00
avatar
base Use a simple format for the big number on ui () 2020-09-16 00:07:18 -04:00
cache Allow common redis and leveldb connections () 2020-09-28 00:09:46 +03:00
charset
context Return sample message for login error in api context () 2020-10-04 17:39:31 -04:00
convert [] Add Timestamp to Tag list API () 2020-10-05 12:07:54 +08:00
cron
emoji
eventsource
generate
git Fix 500 on README in submodule () 2020-10-02 09:27:44 -04:00
gitgraph
graceful
hcaptcha hCaptcha Support () 2020-10-02 23:37:53 -04:00
highlight
httplib
indexer fix: use Base36 for all code indexers () 2020-09-14 13:40:07 +03:00
lfs
log
markup fix: media links in org files not liked to media files () 2020-10-01 11:22:34 -04:00
metrics
migrations Hopefully support GH enterprise () 2020-09-21 10:36:51 -04:00
nosql Allow common redis and leveldb connections () 2020-09-28 00:09:46 +03:00
notification Fix repository create/delete event webhooks () 2020-10-02 10:37:46 +01:00
options
password
pprof
private
process
public
queue Fix the issue reported on () 2020-09-28 19:00:54 -04:00
recaptcha hCaptcha Support () 2020-10-02 23:37:53 -04:00
references
repofiles Add configurable Trust Models () 2020-09-20 00:44:55 +08:00
repository Completely quote AppPath and CustomConf paths () 2020-09-28 21:16:52 -04:00
secret Attachments: Add extension support, allow all types for releases () 2020-10-05 01:49:33 -04:00
session Allow common redis and leveldb connections () 2020-09-28 00:09:46 +03:00
setting Attachments: Add extension support, allow all types for releases () 2020-10-05 01:49:33 -04:00
ssh
storage Add default storage configurations () 2020-09-29 12:05:13 +03:00
structs [] Add Timestamp to Tag list API () 2020-10-05 12:07:54 +08:00
svg
sync
task [API] Migration: Change ServiceType String () 2020-09-10 23:29:19 +01:00
templates Use a simple format for the big number on ui () 2020-09-16 00:07:18 -04:00
test
timeutil
upload Attachments: Add extension support, allow all types for releases () 2020-10-05 01:49:33 -04:00
user
util Completely quote AppPath and CustomConf paths () 2020-09-28 21:16:52 -04:00
validation
webhook