Details
-
Improvement
-
Status: Closed
-
Minor
-
Resolution: Implemented
-
Upcoming Branch
-
None
Description
Thanks to originalnichtskoenner for this PR on GH: https://github.com/apache/ofbiz-framework/pull/668. See my comment there.
<<Read file name validation pattern from security.properties to allow customization
Explanation:
Hard coding the pattern made it difficult to adjust file name validation. I hope that making it configurable will improve this.>>
Rather than pushing the PR, which is OK with me, I'll apply as a patch locally and make some modifications before pushing: indentation in SecuredUpload, and warning about file names safeness in security.properties