Bug #27098 ยป 27098.diff
| typo3/sysext/em/classes/index.php | ||
|---|---|---|
|
} elseif ($this->CMD['downloadFile'] && !in_array($extKey, $this->requiredExt)) {
|
||
|
// Link for downloading extension has been clicked - deliver content stream:
|
||
|
$dlFile = $this->CMD['downloadFile'];
|
||
|
$dlFile = urldecode($this->CMD['downloadFile']);
|
||
|
if (t3lib_div::isAllowedAbsPath($dlFile) && t3lib_div::isFirstPartOfStr($dlFile, PATH_site) && t3lib_div::isFirstPartOfStr($dlFile, $absPath) && @is_file($dlFile)) {
|
||
|
$mimeType = 'application/octet-stream';
|
||
|
Header('Content-Type: ' . $mimeType);
|
||