Forum Discussion

SSHSSH_97332
Dec 10, 2013

ASM - Block Extension @ File upload

I want to block any extension from being uploaded to my website; I want to allow only the ".pdf" extension to be uploaded. I can't use allowed/disallowed file types as this looks at the URI, am I right? The file upload here is at a parameter called "FileGet"... how do I do that? A regular expression under the parameter, or what?


8 Replies

  • Use a regular expression to control the value of the parameter (if the value is the file name). This should work, and it is easy to add more file extensions if you like; below I am allowing for .pdf and .doc.


    (?i)\.(pdf|doc)$


    You will probably also have a parameter that is the actual file upload; make sure to set that parameter as a file upload value and check the box to say no .exe. I would also recommend using the feature to offload AV scanning of the file to a Scan Engine of some sort.


  • To check for an extension is no safe way to allow only pdf files. You have to look into the file, or a pdf file can be something else.


    • Mike_Maher
      Agreed. This is just checking that someone doesn't accidentally submit something else; you want to use the AV integration to check for malicious files. I am not sure if the no .exe's check box actually looks at the file or just the extension. Torti - From a Big-IP standpoint do you have any suggestions on how to check into the file to determine what it really is? I don't know of any way to do that on the Big-IP but would be interested in any thoughts on the subject.
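To make the two points above concrete (the parameter regex from the first reply, and Torti's point that an extension check alone is not safe), here is an added example that is not from the thread or from F5: a small Python check that applies the extension pattern and then looks into the content for the PDF header and trailer. The sample uploads are constructed, not real files.

```python
import re
from typing import Dict, Tuple

# Extension pattern in the spirit of the thread's parameter regex, with the
# dot escaped so a name like "reportpdf" does not match; only a real ".pdf" does.
PDF_EXT_RE = re.compile(r"(?i)\.pdf$")

# Every PDF begins with the header "%PDF-" followed by its version number.
PDF_MAGIC = b"%PDF-"


def check_upload(filename: str, data: bytes) -> Tuple[bool, str]:
    """Return (accepted, reason) for one uploaded file.

    The extension check only stops accidental uploads; the content check is
    what rejects a file that merely claims to be a PDF by its name.
    """
    if not PDF_EXT_RE.search(filename):
        return False, "extension not allowed"
    if not data.startswith(PDF_MAGIC):
        return False, "content is not a PDF (bad header)"
    # A well-formed PDF ends with an %%EOF marker near the end of the file.
    if b"%%EOF" not in data[-1024:]:
        return False, "content is not a PDF (missing EOF marker)"
    return True, "ok"


# Constructed sample uploads: same extension, different content, and vice versa.
SAMPLES: Dict[str, bytes] = {
    "report.pdf": b"%PDF-1.4\n1 0 obj<<>>endobj\ntrailer<<>>\n%%EOF\n",
    "report.PDF": b"%PDF-1.7\n%%EOF\n",          # case-insensitive extension
    "invoice.exe": b"MZ\x90\x00",                 # wrong extension
    "renamed.pdf": b"MZ\x90\x00\x03\x00",         # executable renamed to .pdf
    "reportpdf": b"%PDF-1.4\n%%EOF\n",            # no real extension at all
}


def run_samples() -> Dict[str, Tuple[bool, str]]:
    """Run every constructed sample through check_upload."""
    return {name: check_upload(name, data) for name, data in SAMPLES.items()}


if __name__ == "__main__":
    for name, (ok, reason) in run_samples().items():
        print(f"{name:14} {'ACCEPT' if ok else 'REJECT':7} {reason}")
```

A header check like this is still only a sanity filter; the thread's advice to hand the file to an AV/scan engine stands for anything the application will actually open.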
  • Hi Mike / Torti,


    I'm having the same issue, whereby the application filtered under ASM is only able to upload .doc files while the rest are being blocked by ASM (e.g. pdf, excel, zip). Referring to your answer, we need to allow at least the file type, and I'm having difficulty locating where I should configure those parameter values. Appreciate your help. I'm running version 11.4.0.


  • Same here, I am not able to find where I can configure this parameter. Is it configured in the XML Profiles?