Add test coverage for .phar in the dangerous extensions list

Created on 22 May 2025, 3 months ago

Problem/Motivation

This is a public follow-up issue stemming from SA-CORE-2019-002 β†’ .

The .phar file extension was added to the `INSECURE_EXTENSIONS` list. We should add a test to ensure that this keeps working.

Proposed resolution

Add this test case to SecurityFileUploadEventSubscriberTest::provideFilenames()

Remaining tasks

Write the test.

User interface changes

None.

Introduced terminology

None.

API changes

None.

Data model changes

None.

Release notes snippet

πŸ“Œ Task
Status

Active

Version

11.2 πŸ”₯

Component

file system

Created by

πŸ‡ΊπŸ‡ΈUnited States akalata

Live updates comments and jobs are added and updated live.
  • Security Advisory follow-up

    This tag is to be applied to issues where an official security release has been made, but the fix needs to be ported to the development version of the code.

Sign in to follow issues

Comments & Activities

Production build 0.71.5 2024