Hi All,
We have observation from our VA testing team, that while uploading file it should not contain double extension like as shown below:
FileUploadBypass.php%00.xlsx
Currently Appian is allowing to upload the file in to application because of extension .xlsx but VA testing team suggested us to file name should not contain double extension.
Any suggestions on this, how to validate this kind of observation?
Regards,Sandeep
Discussion posts and replies are publicly visible
I asked ChatGPT to create a Regex. Haven't had time to extensively test it but it's a starting point.
a!localVariables( local!pattern: "^(?=.*\.[^.]+)(?!(?:.*\.[^.]+){2}).*$", regexmatch( local!pattern, "FileUploadBypass.php%00.xlsx" ) )
Thank you Mathieu Drouin,On UI at a!fileUploadField() we have put the given validation.