Very nice indeed, purty.. However I will not be the one making the decisions, I suggest taking a look at the bug report and perhaps linking to this there, its probably best suited in there as thats where the changes will be made from..
Yawnster
Consensus on Attachment Extensions..
Forum rules
Discussion of general topics related to the new release and its place in the world. Don't discuss new features, report bugs, ask for support, et cetera. Don't use this to spam for other boards or attack those boards!
Discussion of general topics related to the new release and its place in the world. Don't discuss new features, report bugs, ask for support, et cetera. Don't use this to spam for other boards or attack those boards!
- NNO-Stephen
- Registered User
- Posts: 398
- Joined: Fri May 23, 2003 12:47 am
- Location: Tulsa, Oklahoma
- Contact:
Re: Consensus on Attachment Extensions..
I'd like to make an additional request... .rtf
very common (especially for Mac users) since that's the default format of TextEdit, and it's open industry standard format which is useable in everything from Word, to OpenOffice, Word Pad, TextEdit, etc. etc. http://en.wikipedia.org/wiki/Rich_Text_Format" target="_blank I strongly support inclusion of this format.
very common (especially for Mac users) since that's the default format of TextEdit, and it's open industry standard format which is useable in everything from Word, to OpenOffice, Word Pad, TextEdit, etc. etc. http://en.wikipedia.org/wiki/Rich_Text_Format" target="_blank I strongly support inclusion of this format.
- Computer Geek
- Posts: 13
- Joined: Fri Aug 04, 2006 7:15 am
Re: Consensus on Attachment Extensions..
I would second that request...
RTF would be in the plain text category, it's non-scriptable, so it's safe.
RTF would be in the plain text category, it's non-scriptable, so it's safe.
Re: Consensus on Attachment Extensions..
RTF is already on the list, its currently listed under the Documents heading though, however I am sure it will get moved if the developers feel the need to..
Yawnster
Yawnster
- mansuetus
- Registered User
- Posts: 130
- Joined: Sun Dec 07, 2003 8:02 pm
- Location: Paris, France
- Contact:
Re: Consensus on Attachment Extensions..
I see b2z, is it a typo of bz2 ?
I also see .tar, .Z, .gz
but no .tgz which is a common contraction of .tar.gz (and .tar.Z ?)
What about .tex ? (LaTeX) I do not think many forums would use that, but anyway...
Moreover, is it possible when you had extension in the list to have a "warning, adding php files is very dangerous for the security... are you sure ?" ?
I also see .tar, .Z, .gz
but no .tgz which is a common contraction of .tar.gz (and .tar.Z ?)
What about .tex ? (LaTeX) I do not think many forums would use that, but anyway...
Moreover, is it possible when you had extension in the list to have a "warning, adding php files is very dangerous for the security... are you sure ?" ?
Petite publicité pour mon site : on présente des horoscopes qui tuent, on propose des tests,
et si tu cherches bien, tu verras même un phpBB![Smile :-)](./images/smilies/icon_e_smile.svg)
viens sur spontex.org !
et si tu cherches bien, tu verras même un phpBB
viens sur spontex.org !
Re: Consensus on Attachment Extensions..
mansuetus wrote: I see b2z, is it a typo of bz2 ?
I also see .tar, .Z, .gz
but no .tgz which is a common contraction of .tar.gz (and .tar.Z ?)
What about .tex ? (LaTeX) I do not think many forums would use that, but anyway...
Moreover, is it possible when you had extension in the list to have a "warning, adding php files is very dangerous for the security... are you sure ?" ?
Aha yes it is a typo, will fix it in a minute..
As for .tgz you make a good point, I will also add this to the list..
I dont think .tex files would be really needed as not many users will wish to share this type of file, espically as this is only an attachment feature and not a download manager..
To my knowledge there is already a filter that will not accept any problematic security files..
Yawnster
- EXreaction
- Registered User
- Posts: 1555
- Joined: Sat Sep 10, 2005 2:15 am
Re: Consensus on Attachment Extensions..
Yawnster wrote: To my knowledge there is already a filter that will not accept any problematic security files..
Yawnster
Actually, you can have it allow any type of files...
Test it by allowing php files to be uploaded and upload one...
I still like my idea of changing the attachment extensions...
.phpbb
(or mabey that could be a problem if .php* was parsed with php as a php file...)
Re: Consensus on Attachment Extensions..
I still say that it should be possible for the admins to allow *any* filetype, at their discretion. Admins are already capable of causing many security issues in other aspects of the forum, so why should they be crippled by an artificial limitation in this area?
In phpBB 2, the admins could enable HTML tags by adding them to the list. Why not do the same for attachment extensions?
Your list would make for a good default set of extensions, but ultimately this is a decision that should be left up to the admin.
To my understanding, the attachment feature uploads the file to the server, whereas the BBcode feature just hotlinks the file from another server.
This is far from identical functionality. Many users lack the ability to upload files conveniently.
It would be a considerable risk to allow it in a public forum, but I run multiple private forums and think that I should be able to make that decision for myself.
In phpBB 2, the admins could enable HTML tags by adding them to the list. Why not do the same for attachment extensions?
Your list would make for a good default set of extensions, but ultimately this is a decision that should be left up to the admin.
Yawnster wrote: SWF - Use the [flash] BBcode Instead.. Almost identical functionality..
To my understanding, the attachment feature uploads the file to the server, whereas the BBcode feature just hotlinks the file from another server.
This is far from identical functionality. Many users lack the ability to upload files conveniently.
It would be a considerable risk to allow it in a public forum, but I run multiple private forums and think that I should be able to make that decision for myself.
Re: Consensus on Attachment Extensions..
Omnidon wrote: I still say that it should be possible for the admins to allow *any* filetype, at their discretion. Admins are already capable of causing many security issues in other aspects of the forum, so why should they be crippled by an artificial limitation in this area?
You are able to add/allow any filetype you wish - i do not know who said that this is not possible.
-
- Registered User
- Posts: 1
- Joined: Mon May 29, 2006 6:02 pm
Re: Consensus on Attachment Extensions..
WAV files are all well and good for a specialized forum, but for defaults, I don't think that's a good idea. The recorder might be the only program that writes .wav automatically, but any conversion program out there writes to .wav, and someone could purposely make a huge .wav file to upload and take up space. Of course, if there is, as I suspect, a way of limiting attachment size, then my argument is void, and I just typed all of this for nothing. However, in that case, you still would not want to allow anything very big, because there are plenty of other file types that could be made to take up that much space as well. Just a thought.