Changes for page Release Notes for XWiki 5.2 Milestone 2
Last modified by Thomas Mortagne on 2017/03/24
Change comment:
There is no comment for this version
Summary
-
Page properties (1 modified, 0 added, 0 removed)
Details
- Page properties
-
- Content
-
... ... @@ -86,7 +86,7 @@ 86 86 87 87 In order to prevent XSS via FileUpload, a new feature has been added : you can now specify in xwiki.properties which types of attachment can be displayed inline. 88 88 In the "Attachment" section of xwiki.properties, you can either precise a whitelist of mimetypes that can be displayed inline, or precise a blacklist of mimetypes that shouldn't be displayed inline (if you use this configuration, it is strongly advised to blacklist at least "text/html" and "text/javascript" mimetypes for security reasons). 89 -Note that attachments provided by PRusers won't be affected by these restrictions.89 +Note that attachments provided by users having Programming Rights won't be affected by these restrictions. 90 90 91 91 == Deprecated and Retired projects == 92 92