Allow to force-download attachments based on their mimetype

Last modified by Vincent Massol on 2021/04/06

It is now possible to decide which attachments should be always downloaded based on their mimetypes: until now two properties (attachments.download.whitelist and attachments.download.blacklist) were allowing to control the display of some attachments for security reasons, but those properties are not able to control the behaviour of attachments added by a user with programming rights.

A new property has been added to allow force-download any attachment, whoever added it:

#-# [Since 12.10]
#-# Define the kind of attachment that you always want to be downloaded and never displayed inline.
#-# By default this list is empty, but you can specify a list of mime-types (coma separated list of values) which
#-# should be always downloaded no matter who attached them or what is the whitelist/blacklist configuration.
#-#
#-# The distinction with the blacklist configuration above is that the blacklist won't affect file attached by a user
#-# with programming rights, while this configuration affect any attachment.
# attachment.download.forceDownload=
Tags:
   

Get Connected