[File Upload] Filter the file extensions to be uploaded
Forge component by Carlos Alfaro
Application Type
Traditional Web

We got findings from the last PEN test that all file extension are allowable to upload on the app. Is it possible to filter the file extensions to be uploaded? Thank you.

Hi Joseph

Yes this is possible by programmatically checking the extension of the file being uploaded here: 

You can use an if statement to check if the extension being upload is one of the acceptable extensions. If not then handle and terminate the flow.

However, my recommendation would be to switch to this forge component here. This other component has been validated by community experts and follows best practices for security & code quality. It will also very easily allow you to define the acceptable extensions as string (e.g. ".pdf, .doc, .docx") in one of the input parameters of the web block:


Regards,

Ossama

Solution

Hi Joseph,

I hope you are great mate.

You can achieve this one with JavaScript also please refer below link for your reference,

https://www.daniweb.com/programming/web-development/threads/169399/filtering-the-file-extensions-in-fileupload-control

Kind Regards,

Ajit kurane

Hi Joseph

Yes this is possible by programmatically checking the extension of the file being uploaded here: 

You can use an if statement to check if the extension being upload is one of the acceptable extensions. If not then handle and terminate the flow.

However, my recommendation would be to switch to this forge component here. This other component has been validated by community experts and follows best practices for security & code quality. It will also very easily allow you to define the acceptable extensions as string (e.g. ".pdf, .doc, .docx") in one of the input parameters of the web block:


Regards,

Ossama

Solution

Hi Joseph,

I hope you are great mate.

You can achieve this one with JavaScript also please refer below link for your reference,

https://www.daniweb.com/programming/web-development/threads/169399/filtering-the-file-extensions-in-fileupload-control

Kind Regards,

Ajit kurane

Community GuidelinesBe kind and respectful, give credit to the original source of content, and search for duplicates before posting.