integration with IEContentAnalyzer for mime-type-detection xss prevention

Created on 9 January 2012, almost 13 years ago

Updated 26 October 2024, about 1 month ago

#462950: Mitigate the security risks that come from IE, Chrome and other browsers trying to sniff the mime type → may or may not get done, but this module could provide a solution in the mean time by integrating with IEContentAnalyzer.

This makes me think that it should be possible to stack the plugins so someone could scan with ClamAV and then scan with IEContentAnalyzer - not sure if that's part of the architecture or not.

✨ Feature request

Status

Closed: outdated

Version

1.0

Component

Code

Created by

🇺🇸United States greggles Denver, Colorado, USA

Live updates comments and jobs are added and updated live.

Incomplete comments

Comments & Activities

Not all content is available!

It's likely this issue predates Contrib.social: some issue and comment data are missing.

Comment about 1 month ago →
🇬🇧United Kingdom manarth
The 7.x branch is deprecated and isn't expected to have any further updates. Closing this ticket as part of the issue-queue clean-up.
Comment about 1 month ago →
🇺🇸United States greggles Denver, Colorado, USA
Heh, yep, and I think IE mime sniffing is well out of date. Cheers.

contrib.social Blog FAQ Discussions

Production build 0.71.5 2024