From 5ce582448ececb8d9c30c8c31f58330090ced03a Mon Sep 17 00:00:00 2001
From: Simon Sawicki <contact@grub4k.xyz>
Date: Tue, 2 Jul 2024 00:52:50 +0200
Subject: [core] Disallow unsafe extensions (CVE-2024-38519)

Ref: https://github.com/yt-dlp/yt-dlp/security/advisories/GHSA-79w7-vh3h-8g4j

Authored by: Grub4K
---
 yt_dlp/options.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'yt_dlp/options.py')

diff --git a/yt_dlp/options.py b/yt_dlp/options.py
index b97c516ce..1b18575c1 100644
--- a/yt_dlp/options.py
+++ b/yt_dlp/options.py
@@ -474,7 +474,7 @@ def create_parser():
                 'no-attach-info-json', 'embed-thumbnail-atomicparsley', 'no-external-downloader-progress',
                 'embed-metadata', 'seperate-video-versions', 'no-clean-infojson', 'no-keep-subs', 'no-certifi',
                 'no-youtube-channel-redirect', 'no-youtube-unavailable-videos', 'no-youtube-prefer-utc-upload-date',
-                'prefer-legacy-http-handler', 'manifest-filesize-approx',
+                'prefer-legacy-http-handler', 'manifest-filesize-approx', 'allow-unsafe-ext',
             }, 'aliases': {
                 'youtube-dl': ['all', '-multistreams', '-playlist-match-filter', '-manifest-filesize-approx'],
                 'youtube-dlc': ['all', '-no-youtube-channel-redirect', '-no-live-chat', '-playlist-match-filter', '-manifest-filesize-approx'],
-- 
cgit v1.2.3