diff --git a/src/LfmPath.php b/src/LfmPath.php index 038cc9d2..b9a778c5 100644 --- a/src/LfmPath.php +++ b/src/LfmPath.php @@ -253,7 +253,7 @@ public function validateUploadedFile($file) $validator->nameIsNotDuplicate($this->getNewName($file), $this); } - $validator->isNotExcutable(); + $validator->isNotExcutable(config('lfm.disallowed_mimetypes', ['text/x-php', 'text/html', 'text/plain'])); if (config('lfm.should_validate_mime', false)) { $validator->mimeTypeIsValid($this->helper->availableMimeTypes()); diff --git a/src/LfmUploadValidator.php b/src/LfmUploadValidator.php index 1aeb4267..0d2d4b56 100644 --- a/src/LfmUploadValidator.php +++ b/src/LfmUploadValidator.php @@ -61,13 +61,11 @@ public function nameIsNotDuplicate($new_file_name, LfmPath $lfm_path) return $this; } - public function isNotExcutable() + public function isNotExcutable($excutable_mimetypes) { $mimetype = $this->file->getMimeType(); - $excutable = ['text/x-php']; - - if (in_array($mimetype, $excutable)) { + if (in_array($mimetype, $excutable_mimetypes)) { throw new ExcutableFileException(); } diff --git a/src/config/lfm.php b/src/config/lfm.php index e8c4fd43..5c418126 100644 --- a/src/config/lfm.php +++ b/src/config/lfm.php @@ -113,6 +113,9 @@ // setting it to false show `error-file-exist` error and stop upload 'over_write_on_duplicate' => false, + // mimetypes of executables to prevent from uploading + 'disallowed_mimetypes' => ['text/x-php', 'text/html', 'text/plain'], + // Item Columns 'item_columns' => ['name', 'url', 'time', 'icon', 'is_file', 'is_image', 'thumb_url'],