-
This change targets a couple of things: - The global constant "FILE_DENY_PATTERN_DEFAULT" is moved to a class constant - The global constant "PHP_EXTENSIONS_DEFAULT" which is not in use anymore, is removed. - The security aspect of checking against the fileDenyPattern is extracted into its own Class where - The fileDenyPattern can never be empty, but only be set via DefaultConfiguration. This makes it easier to test this functionality, a single object is taking over the responsibility, and the logic is now in one place. Also, the non-usage of the global constant makes life easier. Resolves: #90147 Releases: master Change-Id: I9db0d6fc3b10f75a3735017cb9ac0d9bfd4ff02b Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/62843 Tested-by:
Oliver Hader <oliver.hader@typo3.org> Tested-by:
TYPO3com <noreply@typo3.com> Tested-by:
Georg Ringer <georg.ringer@gmail.com> Reviewed-by:
e3d0d14a
