Always use content to resolve content type in resources.GetRemote

This is a security hardening measure; don't trust the URL extension or any `Content-Type`/`Content-Disposition` header on its own, always look at the file content using Go's `http.DetectContentType`. This commit also adds ttf and otf media type definitions to Hugo. Fixes #9302 Fixes #9301
author: Bjørn Erik Pedersen <[email protected]> 2021-12-16 15:12:13 +0100
committer: Bjørn Erik Pedersen <[email protected]> 2021-12-17 09:50:28 +0100
commit: 44954497bcb2d6d589b9340a43323663061c7b42 (patch)
tree: 0d0d06b11e462ccff1a908c2b1c4dfd039b82787 /resources/postpub
parent: 22ef5da20d1685dfe6aff3bd9364c9b1f1d0d8f8 (diff)
download: hugo-44954497bcb2d6d589b9340a43323663061c7b42.tar.gz
hugo-44954497bcb2d6d589b9340a43323663061c7b42.zip
1 files changed, 1 insertions, 0 deletions
diff --git a/resources/postpub/fields_test.go b/resources/postpub/fields_test.go
index 19c3720f7..c408e7791 100644
--- a/resources/postpub/fields_test.go
+++ b/resources/postpub/fields_test.go
@@ -36,6 +36,7 @@ func TestCreatePlaceholders(t *testing.T) {
 		"Suffixes":    "pre_foo.Suffixes_post",
 		"Delimiter":   "pre_foo.Delimiter_post",
 		"FirstSuffix": "pre_foo.FirstSuffix_post",
+		"IsText":      "pre_foo.IsText_post",
 		"String":      "pre_foo.String_post",
 		"Type":        "pre_foo.Type_post",
 		"MainType":    "pre_foo.MainType_post",
author	Bjørn Erik Pedersen <[email protected]>	2021-12-16 15:12:13 +0100
committer	Bjørn Erik Pedersen <[email protected]>	2021-12-17 09:50:28 +0100
commit	44954497bcb2d6d589b9340a43323663061c7b42 (patch)
tree	0d0d06b11e462ccff1a908c2b1c4dfd039b82787 /resources/postpub
parent	22ef5da20d1685dfe6aff3bd9364c9b1f1d0d8f8 (diff)
download	hugo-44954497bcb2d6d589b9340a43323663061c7b42.tar.gz hugo-44954497bcb2d6d589b9340a43323663061c7b42.zip