Consensus on Attachment Extensions..

Discussion of general topics related to the new version and its place in the world. Don't discuss new features, report bugs, ask for support, et cetera. Don't use this to spam for other boards or attack those boards!
Forum rules
Discussion of general topics related to the new release and its place in the world. Don't discuss new features, report bugs, ask for support, et cetera. Don't use this to spam for other boards or attack those boards!
Post Reply
Yawnster
Registered User
Posts: 342
Joined: Sat Jan 29, 2005 9:18 pm
Location: London, UK
Contact:

Re: Consensus on Attachment Extensions..

Post by Yawnster »

Very nice indeed, purty.. However I will not be the one making the decisions, I suggest taking a look at the bug report and perhaps linking to this there, its probably best suited in there as thats where the changes will be made from..

Yawnster
User avatar
NNO-Stephen
Registered User
Posts: 398
Joined: Fri May 23, 2003 12:47 am
Location: Tulsa, Oklahoma
Contact:

Re: Consensus on Attachment Extensions..

Post by NNO-Stephen »

I'd like to make an additional request... .rtf

very common (especially for Mac users) since that's the default format of TextEdit, and it's open industry standard format which is useable in everything from Word, to OpenOffice, Word Pad, TextEdit, etc. etc. http://en.wikipedia.org/wiki/Rich_Text_Format" target="_blank I strongly support inclusion of this format.
Image
User avatar
Computer Geek
Posts: 13
Joined: Fri Aug 04, 2006 7:15 am

Re: Consensus on Attachment Extensions..

Post by Computer Geek »

I would second that request...

RTF would be in the plain text category, it's non-scriptable, so it's safe.
Yawnster
Registered User
Posts: 342
Joined: Sat Jan 29, 2005 9:18 pm
Location: London, UK
Contact:

Re: Consensus on Attachment Extensions..

Post by Yawnster »

RTF is already on the list, its currently listed under the Documents heading though, however I am sure it will get moved if the developers feel the need to..

Yawnster
User avatar
mansuetus
Registered User
Posts: 130
Joined: Sun Dec 07, 2003 8:02 pm
Location: Paris, France
Contact:

Re: Consensus on Attachment Extensions..

Post by mansuetus »

I see b2z, is it a typo of bz2 ?

I also see .tar, .Z, .gz

but no .tgz which is a common contraction of .tar.gz (and .tar.Z ?)

What about .tex ? (LaTeX) I do not think many forums would use that, but anyway...

Moreover, is it possible when you had extension in the list to have a "warning, adding php files is very dangerous for the security... are you sure ?" ?
Petite publicité pour mon site : on présente des horoscopes qui tuent, on propose des tests,
et si tu cherches bien, tu verras même un phpBB :-)
viens sur spontex.org !
Yawnster
Registered User
Posts: 342
Joined: Sat Jan 29, 2005 9:18 pm
Location: London, UK
Contact:

Re: Consensus on Attachment Extensions..

Post by Yawnster »

mansuetus wrote: I see b2z, is it a typo of bz2 ?

I also see .tar, .Z, .gz

but no .tgz which is a common contraction of .tar.gz (and .tar.Z ?)

What about .tex ? (LaTeX) I do not think many forums would use that, but anyway...

Moreover, is it possible when you had extension in the list to have a "warning, adding php files is very dangerous for the security... are you sure ?" ?


Aha yes it is a typo, will fix it in a minute..

As for .tgz you make a good point, I will also add this to the list..

I dont think .tex files would be really needed as not many users will wish to share this type of file, espically as this is only an attachment feature and not a download manager..

To my knowledge there is already a filter that will not accept any problematic security files..

Yawnster
User avatar
EXreaction
Registered User
Posts: 1555
Joined: Sat Sep 10, 2005 2:15 am

Re: Consensus on Attachment Extensions..

Post by EXreaction »

Yawnster wrote: To my knowledge there is already a filter that will not accept any problematic security files..

Yawnster


Actually, you can have it allow any type of files...

Test it by allowing php files to be uploaded and upload one... :P

I still like my idea of changing the attachment extensions...
.phpbb
(or mabey that could be a problem if .php* was parsed with php as a php file...)

:mrgreen:
Omnidon
Posts: 5
Joined: Wed Aug 16, 2006 7:23 am

Re: Consensus on Attachment Extensions..

Post by Omnidon »

I still say that it should be possible for the admins to allow *any* filetype, at their discretion. Admins are already capable of causing many security issues in other aspects of the forum, so why should they be crippled by an artificial limitation in this area?

In phpBB 2, the admins could enable HTML tags by adding them to the list. Why not do the same for attachment extensions?

Your list would make for a good default set of extensions, but ultimately this is a decision that should be left up to the admin.
Yawnster wrote: SWF - Use the [flash] BBcode Instead.. Almost identical functionality..


To my understanding, the attachment feature uploads the file to the server, whereas the BBcode feature just hotlinks the file from another server.
This is far from identical functionality. Many users lack the ability to upload files conveniently.

It would be a considerable risk to allow it in a public forum, but I run multiple private forums and think that I should be able to make that decision for myself.
User avatar
Acyd Burn
Posts: 1838
Joined: Tue Oct 08, 2002 5:18 pm
Location: Behind You
Contact:

Re: Consensus on Attachment Extensions..

Post by Acyd Burn »

Omnidon wrote: I still say that it should be possible for the admins to allow *any* filetype, at their discretion. Admins are already capable of causing many security issues in other aspects of the forum, so why should they be crippled by an artificial limitation in this area?


You are able to add/allow any filetype you wish - i do not know who said that this is not possible.

Image
malkierian
Registered User
Posts: 1
Joined: Mon May 29, 2006 6:02 pm

Re: Consensus on Attachment Extensions..

Post by malkierian »

WAV files are all well and good for a specialized forum, but for defaults, I don't think that's a good idea. The recorder might be the only program that writes .wav automatically, but any conversion program out there writes to .wav, and someone could purposely make a huge .wav file to upload and take up space. Of course, if there is, as I suspect, a way of limiting attachment size, then my argument is void, and I just typed all of this for nothing. However, in that case, you still would not want to allow anything very big, because there are plenty of other file types that could be made to take up that much space as well. Just a thought.
Post Reply