OSDev.org

At some point (probably during the upgrade) it seems like the list of allowed file extensions for attachments was changed. The current list of allowed file extensions is... interesting, but It's easy enough to rename files to one of the allowed extensions before uploading.

It turns out, though, you also can't download attachments with forbidden extensions. Here's a random example I stumbled across.

I don't know if changing the list of allowed file extensions would be worth the effort, but I figured I'd point it out anyway.

Octocontrabass wrote: ↑Tue Aug 20, 2024 5:48 pm It turns out, though, you also can't download attachments with forbidden extensions. Here's a random example I stumbled across.

It let me download that without warning or error. No idea why.

eekee wrote: ↑Wed Aug 21, 2024 8:37 pmIt let me download that without warning or error.

All three files?

I can confirm that the ld and asm files are now hidden. Honestly, not sure what an extension filter is supposed to do if you can still upload all files by just renaming them.

Octocontrabass wrote: ↑Wed Aug 21, 2024 9:23 pm

eekee wrote: ↑Wed Aug 21, 2024 8:37 pmIt let me download that without warning or error.

All three files?

Derp! Sorry, no; ld and asm are blocked without even a link.

nullplan wrote: ↑Wed Aug 21, 2024 9:45 pm I can confirm that the ld and asm files are now hidden. Honestly, not sure what an extension filter is supposed to do if you can still upload all files by just renaming them.

It's certainly close to just being security theater, but not entirely there. I think it's good for boards with non-technical users, particularly new non-technical users. Do we gain anything from it at all?

I've added ld and asm to the allowed list.