check code rights on cloud files

author: zotlabs <mike@macgirvin.com> 2017-09-05 21:38:07 -0700
committer: zotlabs <mike@macgirvin.com> 2017-09-05 21:38:07 -0700
commit: 2cce599fd7c45c1f2c3480eeb4e60d99d10d2ea2 (patch)
tree: 6cf6d88406faa6303f72dd59c38b71cdff7bdb6b /Zotlabs/Module/Attach.php
parent: 7dc99cb4a4b3852e5c16ab71a7bac0e3dca1b2f4 (diff)
download: volse-hubzilla-2cce599fd7c45c1f2c3480eeb4e60d99d10d2ea2.tar.gz
volse-hubzilla-2cce599fd7c45c1f2c3480eeb4e60d99d10d2ea2.tar.bz2
volse-hubzilla-2cce599fd7c45c1f2c3480eeb4e60d99d10d2ea2.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/Zotlabs/Module/Attach.php b/Zotlabs/Module/Attach.php
index 94f46978a..490d5edd0 100644
--- a/Zotlabs/Module/Attach.php
+++ b/Zotlabs/Module/Attach.php
@@ -31,7 +31,7 @@ class Attach extends \Zotlabs\Web\Controller {
 	
 		$unsafe_types = array('text/html','text/css','application/javascript');
 	
-		if(in_array($r['data']['filetype'],$unsafe_types)) {
+		if(in_array($r['data']['filetype'],$unsafe_types) && (! channel_codeallowed($r['data']['uid']))) {
 				header('Content-type: text/plain');
 		}
 		else {
author	zotlabs <mike@macgirvin.com>	2017-09-05 21:38:07 -0700
committer	zotlabs <mike@macgirvin.com>	2017-09-05 21:38:07 -0700
commit	2cce599fd7c45c1f2c3480eeb4e60d99d10d2ea2 (patch)
tree	6cf6d88406faa6303f72dd59c38b71cdff7bdb6b /Zotlabs/Module/Attach.php
parent	7dc99cb4a4b3852e5c16ab71a7bac0e3dca1b2f4 (diff)
download	volse-hubzilla-2cce599fd7c45c1f2c3480eeb4e60d99d10d2ea2.tar.gz volse-hubzilla-2cce599fd7c45c1f2c3480eeb4e60d99d10d2ea2.tar.bz2 volse-hubzilla-2cce599fd7c45c1f2c3480eeb4e60d99d10d2ea2.zip