Forms for Editors - fileupload whitelist of file extensions

Jesper Splidsboel

Posted on 30/12/2022 11:59:30

Hi can I using "Forms for Editors" make a whitelist of file-extension and try to pervent upload of unwanted files on serverside ?

I know you can rename your files and bypass this kind of restrictions, but anyone has a solution to this ?

A notification subscriber could give me access to validate the files before it's uploaded to the server, but if I use the notification - Dynamicweb.Forms.Notifications.Frontend.OnAfterSubmitSave it's too late and the file is already uploaded to the server. A notification just before the file is uploaded could help me.

Any solution ??

Replies

Jesper Splidsboel

Posted on 11/01/2023 13:23:14

Can anyone help me ?

Nicolai Pedersen

Posted on 18/01/2023 17:39:32

Hi Jesper

That is not possible without coding

You can do a Dynamicweb.Forms.Notifications.Frontend.OnBeforeContent notification subscriber and then look through the posted files and handle the issue.

Usually you would use web.config to limit upload sizes and you can stop IIS from serving unwanted extensions.

BR Nicolai

You must be logged in to post in the forum

Developer forum

Forms for Editors - fileupload whitelist of file extensions

Replies