[D7] Add tests for handling files with insecure extensions

Created on 26 May 2023, about 1 year ago

Problem/Motivation

This is a follow-up to: 📌 [D7] Add phtml files to the list of potentially malicious extensions Fixed

D7 does not have a complete test of FILE_INSECURE_EXTENSIONS. Only selected use-cases (extensions) are tested in various functions, but not all of them. For example the asp extension is not tested anywhere.

D10 has such test in SecurityFileUploadEventSubscriberTest::testSanitizeName().

We need to create such a test for D7, to have these insecure extensions tested properly (ideally to test uploading files with these extensions and also file names munging, but let's see).

Steps to reproduce

Proposed resolution

Add a tests for uploading files with insecure extensions and also file names munging (of such files).

Remaining tasks

User interface changes

API changes

Data model changes

Release notes snippet

📌 Task
Status

Active

Version

7.0 ⚰️

Component
Simpletest 

Last updated 1 day ago

Created by

🇸🇰Slovakia poker10

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Comments & Activities

Production build 0.69.0 2024