Remove text/html as a safe mimetype

The non-default safe mimetype in gerrit exists purely to proect installs against setting this - when set, downloading a text/html file will result in that file being rendered. Change-Id: I648ada0b26aaf35ece9ef57f609b46f23f6e422a
2016-06-21 15:42:02 +00:00
parent c785f75dda
commit 8573c2ee17
1 changed files with 0 additions and 2 deletions
--- a/templates/gerrit.config.erb
+++ b/templates/gerrit.config.erb
@@ -202,8 +202,6 @@
        safe = true
 [mimetype "text/plain"]
        safe = true
-[mimetype "text/html"]
-        safe = true
 [mimetype "text/x-puppet"]
        safe = true
 [mimetype "text/x-ini"]