Attaching files from outside web root
-
Hi,
For several years I’ve been using the wpcf7_mail_components filter hook in the WPCF7_Mail::compose function to read the visitors submitted form data, write it to an encrypted file, attach it to the email and remove the visitor’s details from the email body text before sending (a requirement from our client).
Since CF7 v5.4.1 a change has been made to the WPCF7_Mail::compose function to reject attachments that are not stored under wp-content directory. This change has broken my solution as I store the encrypted files in a location outside the web root for security reasons.
Could you consider changing this validation with a filter hook or similar to allow developers to include an alternative or additional trusted source location for attachments?
Thanks.
- The topic ‘Attaching files from outside web root’ is closed to new replies.
