require(JIRAFEAU_ROOT.'lib/template/footer.php');
exit;
} else {
- if (hash_equals($link['key'], md5($_POST['key']))) {
+ if (hash_equals($link['key'], hash('sha256',$_POST['key']))) {
$password_challenged = true;
} else {
sleep(2);
header('Content-Disposition: attachment; filename="' . $link['file_name'] . '"');
} else {
header('Content-Disposition: filename="' . $link['file_name'] . '"');
+ header('X-Content-Type-Options: nosniff');
}
header('Content-Type: ' . $link['mime_type']);
if ($cfg['file_hash'] == "md5") {