Merge branch 'jn/mime-type-with-params'

gitster · gitster · commit 2c6b5d882876 · 2011-06-06T11:40:22.000-07:00
* jn/mime-type-with-params:
  gitweb: Fix usability of $prevent_xss
diff --git a/gitweb/gitweb.perl b/gitweb/gitweb.perl
@@ -6127,7 +6127,7 @@ sub git_blob_plain {
 	# want to be sure not to break that by serving the image as an
 	# attachment (though Firefox 3 doesn't seem to care).
 	my $sandbox = $prevent_xss &&
-		$type !~ m!^(?:text/plain|image/(?:gif|png|jpeg))$!;
+		$type !~ m!^(?:text/plain|image/(?:gif|png|jpeg))(?:[ ;]|$)!;
 
 	print $cgi->header(
 		-type => $type,
