Details later. Due to https://github.com/FreshRSS/FreshRSS/pull/3433 (1.18.0)
@@ -101,7 +101,8 @@ if (!isset($_GET['f']) ||
$file_name = urldecode($_GET['f']);
$file_type = $_GET['t'];
-if (empty(SUPPORTED_TYPES[$file_type])) {
+if (empty(SUPPORTED_TYPES[$file_type]) ||
+ empty(SUPPORTED_TYPES[pathinfo($file_name, PATHINFO_EXTENSION)])) {
sendBadRequestResponse('File type is not supported.');
}
Alexandre Alapetite