Fixes #5103. Upload any file type: * or *.*

Fixes #5103. Upload any file type: * or .
2632c4a2 · Carsten Rose · 52994698 · 2632c4a2
Commit 2632c4a2 authored Mar 29, 2019 by Carsten Rose
--- a/extension/Documentation/Manual.rst
+++ b/extension/Documentation/Manual.rst
@@ -1571,7 +1571,7 @@ File upload

 By default the mime type of every uploaded file is checked against a white list of allowed mime types. The mime type of
 a file can be (easily) faked by an attacker. This check is good to handle regular user file upload for specific file types
-but won't help to prevent attacks against uploading and executing malicous code.
+but won't help to prevent attacks against uploading and executing malicious code.

 Instead prohibit the execution of user contributed files by the webserver config (`SecureDirectFileAccess`_).

@@ -1825,7 +1825,7 @@ Store: *VARS* - V
 +-------------------------+--------------------------------------------------------------------------------------------------------------------------------------------+
 | fileSize                | Size of the uploaded file.                                                                                                                 |
 +-------------------------+--------------------------------------------------------------------------------------------------------------------------------------------+
- | mimeType                | Mimetype of the uploaded file.                                                                                                             |
+ | mimeType                | Mime type of the uploaded file.                                                                                                             |
 +-------------------------+--------------------------------------------------------------------------------------------------------------------------------------------+


@@ -3677,6 +3677,7 @@ See also `downloadButton`_ to offer a download of an uploaded file.

    * List of mime types (also known as 'media types'): http://www.iana.org/assignments/media-types/media-types.xhtml
    * If none is specified, 'application/pdf' is set. This forces that always (!) one type is specified.
+    * To allow any type, specify ``*`` or ``*.*``
    * One or more media types might be specified, separated by ','.
    * Different browser respect the given definitions in different ways. Typically the 'file choose' dialog offer: