<
From version < 26.3 >
edited by Vincent Massol
on 2013/09/09
To version < 26.5 >
edited by Vincent Massol
on 2013/09/09
>
Change comment: There is no comment for this version

Summary

Details

Page properties
Content
... ... @@ -86,8 +86,12 @@
86 86  
87 87  In order to prevent XSS via FileUpload, a new feature has been added : you can now specify in xwiki.properties which types of attachment can be displayed inline.
88 88  In the "Attachment" section of xwiki.properties, you can either precise a whitelist of mimetypes that can be displayed inline, or precise a blacklist of mimetypes that shouldn't be displayed inline (if you use this configuration, it is strongly advised to blacklist at least "text/html" and "text/javascript" mimetypes for security reasons).
89 -Note that attachments provided by PR users won't be affected by these restrictions.
89 +Note that attachments provided by users having Programming Rights won't be affected by these restrictions.
90 90  
91 +== Miscellaneous ==
92 +
93 +* Added support for custom facets in Solr search API
94 +
91 91  == Deprecated and Retired projects ==
92 92  
93 93  <description of deprecated and retired projects>
... ... @@ -99,10 +99,6 @@
99 99  * [[HSQLDB 2.3.0>>http://jira.xwiki.org/browse/XE-1323]]
100 100  * [[Groovy 2.1.7>>http://jira.xwiki.org/browse/XCOMMONS-445]]
101 101  
102 -== Miscellaneous ==
103 -
104 -* Added support for custom facets in Solr search API
105 -
106 106  = Translations =
107 107  
108 108  The following translations have been updated:

Get Connected