Diffstat (limited to 'vendor/blueimp/jquery-file-upload/SECURITY.md')
-rw-r--r-- | vendor/blueimp/jquery-file-upload/SECURITY.md | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/vendor/blueimp/jquery-file-upload/SECURITY.md b/vendor/blueimp/jquery-file-upload/SECURITY.md index db58f7dd7..3e3d3a610 100644 --- a/vendor/blueimp/jquery-file-upload/SECURITY.md +++ b/vendor/blueimp/jquery-file-upload/SECURITY.md @@ -113,7 +113,7 @@ location ^~ /path/to/project/server/php/files { ``` ## Secure image processing configurations -The following configuration mitigates [potential image processing vulnerabilities with ImageMagick](VULNERABILITIES.md#potential-vulnerabilities-with-php+imagemagick) by limiting the attack vectors to a small subset of image types (`GIF/JPEG/PNG`). +The following configuration mitigates [potential image processing vulnerabilities with ImageMagick](VULNERABILITIES.md#potential-vulnerabilities-with-php-imagemagick) by limiting the attack vectors to a small subset of image types (`GIF/JPEG/PNG`). Please also consider using alternative, safer image processing libraries like [libvips](https://github.com/libvips/libvips) or [imageflow](https://github.com/imazen/imageflow). @@ -128,6 +128,6 @@ To do so, locate the ImageMagick `policy.xml` configuration file and add the fol <!-- ... --> <policy domain="delegate" rights="none" pattern="*" /> <policy domain="coder" rights="none" pattern="*" /> - <policy domain="coder" rights="read | write" pattern="{GIF,JPEG,PNG}" /> + <policy domain="coder" rights="read | write" pattern="{GIF,JPEG,JPG,PNG}" /> </policymap> ``` |
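Review bot: In the first hunk (line 116 of SECURITY.md), the sentence still lists the permitted image types as `GIF/JPEG/PNG`, while the second hunk of this same change widens the policy pattern to `{GIF,JPEG,JPG,PNG}`. Update the prose to match the allowlist so the two do not diverge. The corrected anchor `#potential-vulnerabilities-with-php-imagemagick` should also be checked against the heading in VULNERABILITIES.md, since that file is not part of this diff and the link cannot be confirmed from here.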
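Review bot: In the second hunk (the `policy.xml` snippet near line 131), `JPG` is added to the coder allowlist with no stated reason, and this is the only line that re-opens access after `<policy domain="coder" rights="none" pattern="*" />`. Any widening of that allowlist deserves a one-line rationale in the surrounding text, for example that `JPG` is needed alongside `JPEG` for JPEG files to pass the deny-all rule. It would also help to tell readers to confirm the effective policy after editing, for instance with `identify -list policy`.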