Commits

Anonymous committed 2c6b5d8 Merge

Merge branch 'jn/mime-type-with-params'

* jn/mime-type-with-params:
gitweb: Fix usability of $prevent_xss

  • Participants
  • Parent commits eca4f3b, bee6ea1

Comments (0)

Files changed (1)

gitweb/gitweb.perl

 	# want to be sure not to break that by serving the image as an
 	# attachment (though Firefox 3 doesn't seem to care).
 	my $sandbox = $prevent_xss &&
-		$type !~ m!^(?:text/plain|image/(?:gif|png|jpeg))$!;
+		$type !~ m!^(?:text/plain|image/(?:gif|png|jpeg))(?:[ ;]|$)!;
 
 	print $cgi->header(
 		-type => $type,