diff options
Diffstat (limited to 'img_auth.php')
-rw-r--r-- | img_auth.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/img_auth.php b/img_auth.php index 26ba9413..0fe239ba 100644 --- a/img_auth.php +++ b/img_auth.php @@ -39,7 +39,7 @@ if ( $wgImgAuthPublicTest // Check for bug 28235: QUERY_STRING overriding the correct extension if ( isset( $_SERVER['QUERY_STRING'] ) - && preg_match( '/\.[a-z0-9]{1,4}(#|\?|$)/i', $_SERVER['QUERY_STRING'] ) ) + && preg_match( '/\.[^\\/:*?"<>|%]+(#|\?|$)/i', $_SERVER['QUERY_STRING'] ) ) { wfForbidden( 'img-auth-accessdenied', 'img-auth-bad-query-string' ); } |