Recently, I tried to upload a map to WarLight with an .exe file extension. I thought, there's no way this will work, but it turns out it does. The .exe file extension I added to the .svg file for the map I uploaded doesn't do anything, but someone who knew what they were doing could easily make a virus and upload it as an .exe file extension to 1 of their maps. Why do you allow file extensions Fizzer? why not automatically refuse to upload any map with a file extension, you should only allow pure .svg files?

And for anyone who's interested, here's the map, I haven't made it public and I'm not going to
http://warlight.net/SinglePlayer?PreviewMap=35125

Instead of posting this publicly, E-mailing Fizzer probably would have been a better idea.

exe is most likely not harful at all, as i doubt the servers interpret windows files, but there's a lot of scripts that would run i guess.. interesting find

Instead of posting this publicly, E-mailing Fizzer probably would have been a better idea.

To warn people so they don't just play any old map and get a virus.

Edited 8/4/2014 17:43:59

Thats true, but it might give the wrong people ideas

It's not a security issue at all. The files you upload to the map designer aren't going to be executed, they're just opened and read in as map data. The extension is irrelevant -- the name of the file or its extension are never even transmitted to the server.