Browse Source

Remove text/html as a safe mimetype

The non-default safe mimetype in gerrit exists purely to proect installs
against setting this - when set, downloading a text/html file will
result in that file being rendered.

Change-Id: I648ada0b26aaf35ece9ef57f609b46f23f6e422a
changes/19/332219/1
Gregory Haynes 3 years ago
parent
commit
8573c2ee17
1 changed files with 0 additions and 2 deletions
  1. +0
    -2
      templates/gerrit.config.erb

+ 0
- 2
templates/gerrit.config.erb View File

@@ -202,8 +202,6 @@
safe = true
[mimetype "text/plain"]
safe = true
[mimetype "text/html"]
safe = true
[mimetype "text/x-puppet"]
safe = true
[mimetype "text/x-ini"]

Loading…
Cancel
Save