diff options
author | Thomas Bruederli <thomas@roundcube.net> | 2012-11-27 16:25:42 +0100 |
---|---|---|
committer | Thomas Bruederli <thomas@roundcube.net> | 2012-11-27 16:25:42 +0100 |
commit | c14b337450bb546f5c1b18b1a66481844a3e79d0 (patch) | |
tree | 1e4307f9ac1e3c634f51531ce025e493641e5454 /program/localization/en_US/messages.inc | |
parent | dff2c713fbc5dd8a501a31f3c158b8be412f46d0 (diff) |
Fix XSS vulnerability using Flash files (#1488828) by comparing mimetypes and filename extensions
Diffstat (limited to 'program/localization/en_US/messages.inc')
-rw-r--r-- | program/localization/en_US/messages.inc | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/program/localization/en_US/messages.inc b/program/localization/en_US/messages.inc index a900fae18..68cf314e7 100644 --- a/program/localization/en_US/messages.inc +++ b/program/localization/en_US/messages.inc @@ -163,6 +163,7 @@ $messages['invalidimageformat'] = 'Not a valid image format.'; $messages['mispellingsfound'] = 'Spelling errors detected in the message.'; $messages['parentnotwritable'] = 'Unable to create/move folder into selected parent folder. No access rights.'; $messages['messagetoobig'] = 'The message part is too big to process it.'; +$messages['attachmentvalidationerror'] = 'WARNING! This attachment is suspicious because its type doesn\'t match the type declared in the message. If you do not trust the sender, you shouldn\'t open it in the browser because it may contain malicious contents.<br/><br/><em>Expected: $expected; found: $detected</em>'; $messages['noscriptwarning'] = 'Warning: This webmail service requires Javascript! In order to use it please enable Javascript in your browser\'s settings.'; ?> |