Security fix in ext.php (#4928)

Details later.
Due to https://github.com/FreshRSS/FreshRSS/pull/3433 (1.18.0)

p/ext.php

@@ -101,7 +101,8 @@ if (!isset($_GET['f']) ||
 
 $file_name = urldecode($_GET['f']);
 $file_type = $_GET['t'];
-if (empty(SUPPORTED_TYPES[$file_type])) {
+if (empty(SUPPORTED_TYPES[$file_type]) ||
+	empty(SUPPORTED_TYPES[pathinfo($file_name, PATHINFO_EXTENSION)])) {
 	sendBadRequestResponse('File type is not supported.');
 }