|
|
|
@ -151,6 +151,15 @@
|
|
|
|
|
persistent-hint
|
|
|
|
|
hint='Should SVG uploads be scanned for vulnerabilities and stripped of any potentially unsafe content.'
|
|
|
|
|
)
|
|
|
|
|
v-divider.mt-3
|
|
|
|
|
v-switch(
|
|
|
|
|
inset
|
|
|
|
|
label='Force Download of Unsafe Extensions'
|
|
|
|
|
color='primary'
|
|
|
|
|
v-model='config.uploadForceDownload'
|
|
|
|
|
persistent-hint
|
|
|
|
|
hint='Should non-image files be forced as downloads when accessed directly. This prevents potential XSS attacks via unsafe file extensions uploads.'
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
v-card.mt-3.animated.fadeInUp.wait-p2s
|
|
|
|
|
v-toolbar(flat, color='primary', dark, dense)
|
|
|
|
@ -252,6 +261,7 @@ export default {
|
|
|
|
|
uploadMaxFileSize: 0,
|
|
|
|
|
uploadMaxFiles: 0,
|
|
|
|
|
uploadScanSVG: true,
|
|
|
|
|
uploadForceDownload: true,
|
|
|
|
|
securityOpenRedirect: true,
|
|
|
|
|
securityIframe: true,
|
|
|
|
|
securityReferrerPolicy: true,
|
|
|
|
@ -297,6 +307,7 @@ export default {
|
|
|
|
|
$uploadMaxFileSize: Int
|
|
|
|
|
$uploadMaxFiles: Int
|
|
|
|
|
$uploadScanSVG: Boolean
|
|
|
|
|
$uploadForceDownload: Boolean
|
|
|
|
|
$securityOpenRedirect: Boolean
|
|
|
|
|
$securityIframe: Boolean
|
|
|
|
|
$securityReferrerPolicy: Boolean
|
|
|
|
@ -319,6 +330,7 @@ export default {
|
|
|
|
|
uploadMaxFileSize: $uploadMaxFileSize,
|
|
|
|
|
uploadMaxFiles: $uploadMaxFiles,
|
|
|
|
|
uploadScanSVG: $uploadScanSVG
|
|
|
|
|
uploadForceDownload: $uploadForceDownload,
|
|
|
|
|
securityOpenRedirect: $securityOpenRedirect,
|
|
|
|
|
securityIframe: $securityIframe,
|
|
|
|
|
securityReferrerPolicy: $securityReferrerPolicy,
|
|
|
|
@ -350,6 +362,7 @@ export default {
|
|
|
|
|
uploadMaxFileSize: _.toSafeInteger(_.get(this.config, 'uploadMaxFileSize', 0)),
|
|
|
|
|
uploadMaxFiles: _.toSafeInteger(_.get(this.config, 'uploadMaxFiles', 0)),
|
|
|
|
|
uploadScanSVG: _.get(this.config, 'uploadScanSVG', false),
|
|
|
|
|
uploadForceDownload: _.get(this.config, 'uploadForceDownload', false),
|
|
|
|
|
securityOpenRedirect: _.get(this.config, 'securityOpenRedirect', false),
|
|
|
|
|
securityIframe: _.get(this.config, 'securityIframe', false),
|
|
|
|
|
securityReferrerPolicy: _.get(this.config, 'securityReferrerPolicy', false),
|
|
|
|
@ -402,6 +415,7 @@ export default {
|
|
|
|
|
uploadMaxFileSize
|
|
|
|
|
uploadMaxFiles
|
|
|
|
|
uploadScanSVG
|
|
|
|
|
uploadForceDownload
|
|
|
|
|
securityOpenRedirect
|
|
|
|
|
securityIframe
|
|
|
|
|
securityReferrerPolicy
|
|
|
|
|