From 54db7ea0bedd580606d1d52a1b2f9fd588d67f8d Mon Sep 17 00:00:00 2001
From: Jeff Atwood <jatwood@codinghorror.com>
Date: Tue, 10 Jan 2017 13:24:10 -0800
Subject: [PATCH] SECURITY: disallow csv as default upload file type

---
 config/site_settings.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/config/site_settings.yml b/config/site_settings.yml
index 0a430713bb..4344fab89e 100644
--- a/config/site_settings.yml
+++ b/config/site_settings.yml
@@ -701,7 +701,7 @@ files:
     default: 3072
   authorized_extensions:
     client: true
-    default: 'jpg|jpeg|png|gif|csv'
+    default: 'jpg|jpeg|png|gif'
     refresh: true
     type: list
   crawl_images: