diff options
| author | Jason A. Donenfeld | 2016-01-14 14:31:13 +0100 |
|---|---|---|
| committer | Jason A. Donenfeld | 2016-01-14 14:31:13 +0100 |
| commit | 1c581a072651524f3b0d91f33e22a42c4166dd96 (patch) | |
| tree | 6f29692870f6c822e37f60b77de61f946d93b747 /ui-blob.c | |
| parent | ui-shared: prevent malicious filename from injecting headers (diff) | |
| download | cgit-1c581a072651524f3b0d91f33e22a42c4166dd96.tar.gz cgit-1c581a072651524f3b0d91f33e22a42c4166dd96.zip | |
ui-blob: Do not accept mimetype from user
Diffstat (limited to 'ui-blob.c')
| -rw-r--r-- | ui-blob.c | 1 |
1 files changed, 0 insertions, 1 deletions
| diff --git a/ui-blob.c b/ui-blob.c index 1ded839..2cce11c 100644 --- a/ui-blob.c +++ b/ui-blob.c | |||
| @@ -161,7 +161,6 @@ void cgit_print_blob(const char *hex, char *path, const char *head, int file_onl | |||
| 161 | } | 161 | } |
| 162 | 162 | ||
| 163 | buf[size] = '\0'; | 163 | buf[size] = '\0'; |
| 164 | ctx.page.mimetype = ctx.qry.mimetype; | ||
| 165 | if (!ctx.page.mimetype) { | 164 | if (!ctx.page.mimetype) { |
| 166 | if (buffer_is_binary(buf, size)) | 165 | if (buffer_is_binary(buf, size)) |
| 167 | ctx.page.mimetype = "application/octet-stream"; | 166 | ctx.page.mimetype = "application/octet-stream"; |