Skip to content
Snippets Groups Projects
Commit e3c9e0f0 authored by Peter Rotich's avatar Peter Rotich Committed by Jared Hancock
Browse files

Always force server-side attachments validation 

osTicket supports filtering allowable files on the client-side via JS as
well as server-side on upload.

Ajax based upload skipped server-side validation with the assumption that
the client already validated the file upload. For most cases this is a valid
assumption (ajax only works if JS is enabled) but fails to account for cases
where HTTP requests is intercepted and changed on transit or the request is
posted directly to the ajax interface.

This commit forces server-side file upload validation.
parent b0e6e37d
No related branches found
No related tags found
Hide whitespace changes
Inline Side-by-side
Showing
with 1 addition and 1 deletion
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment