You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In ImageSelector and MediaSelector we define file extensions that are allowed to be selected in the native file browser dialog. It's possible to work around this restriction by switching from "Customized Files" to "All files" and select ANY file, which will then be uploaded even though it might be of incorrect type, not supported by this selector.
Since we cannot do anything about this behaviour in the native dialog, we should have an additional check/filter on the server which will verify uploaded file against allowed types for the input type.
The text was updated successfully, but these errors were encountered:
…#1346)
* Possible to upload an attachment of unallowed type in selectors #1345
* Update UploaderEl.ts
Co-authored-by: Alan Semenov <alansemenov@users.noreply.github.com>
alansemenov
changed the title
Possible to upload an attachment of unallowed type in selectors
Image/media selector should not allow uploading unsupported media
Jun 22, 2020
alansemenov
changed the title
Image/media selector should not allow uploading unsupported media
Image/media selector should not allow uploading unsupported media types
Jun 22, 2020
…#1346)
* Possible to upload an attachment of unallowed type in selectors #1345
* Update UploaderEl.ts
Co-authored-by: Alan Semenov <alansemenov@users.noreply.github.com>
(cherry picked from commit 05575e7)
@alansemenov commented on Tue May 12 2020
In ImageSelector and MediaSelector we define file extensions that are allowed to be selected in the native file browser dialog. It's possible to work around this restriction by switching from "Customized Files" to "All files" and select ANY file, which will then be uploaded even though it might be of incorrect type, not supported by this selector.
Since we cannot do anything about this behaviour in the native dialog, we should have an additional check/filter on the server which will verify uploaded file against allowed types for the input type.
The text was updated successfully, but these errors were encountered: