Last modified by Thomas Mortagne on 2017/03/24

<
From version < 26.5 >
edited by Vincent Massol
on 2013/09/09
To version < 26.3 >
edited by Vincent Massol
on 2013/09/09
>
Change comment: fix broken link

Summary

Details

Page properties
Content
... ... @@ -86,12 +86,8 @@
86 86  
87 87  In order to prevent XSS via FileUpload, a new feature has been added : you can now specify in xwiki.properties which types of attachment can be displayed inline.
88 88  In the "Attachment" section of xwiki.properties, you can either precise a whitelist of mimetypes that can be displayed inline, or precise a blacklist of mimetypes that shouldn't be displayed inline (if you use this configuration, it is strongly advised to blacklist at least "text/html" and "text/javascript" mimetypes for security reasons).
89 -Note that attachments provided by users having Programming Rights won't be affected by these restrictions.
89 +Note that attachments provided by PR users won't be affected by these restrictions.
90 90  
91 -== Miscellaneous ==
92 -
93 -* Added support for custom facets in Solr search API
94 -
95 95  == Deprecated and Retired projects ==
96 96  
97 97  <description of deprecated and retired projects>
... ... @@ -103,6 +103,10 @@
103 103  * [[HSQLDB 2.3.0>>http://jira.xwiki.org/browse/XE-1323]]
104 104  * [[Groovy 2.1.7>>http://jira.xwiki.org/browse/XCOMMONS-445]]
105 105  
102 +== Miscellaneous ==
103 +
104 +* Added support for custom facets in Solr search API
105 +
106 106  = Translations =
107 107  
108 108  The following translations have been updated:

Get Connected