[VPAT-16] improvement: add file validation to prevent malicious uploads

Open prateekshourya29 opened this issue 1 week ago • 2 comments

Description

Add client-side checks for double extensions, dangerous file types, dot files, and path traversal patterns. Addresses security audit recommendations for file upload validation.

Type of Change

  • [x] Improvement (change that would cause existing functionality to not work as expected)

Summary by CodeRabbit

Release Notes

  • New Features
    • Added security checks to block files with dangerous executable and script extensions from being uploaded
    • Implemented strict filename validation to prevent uploads of empty names, hidden files, and path-traversal attacks
    • Enhanced detection to identify suspicious double file extensions


prateekshourya29 • Jan 06 '26 12:01
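A sketch of the client-side filename checks the description above lists (empty names, path traversal, dot files, dangerous and double extensions), as an added example that is not the PR's or the project's own code. The function name `validateFileName`, the reason strings and the extension blocklist are assumptions.

```javascript
// Added example, not the project's code. The blocklist is an illustrative
// assumption, not the list used by the change described above.
const DANGEROUS_EXTENSIONS = new Set([
  "exe", "bat", "cmd", "com", "msi", "scr", "ps1", "vbs",
  "js", "jar", "sh", "php", "html", "svg",
]);

// Validate a user-supplied file name (e.g. File.name from an <input type="file">).
// Returns { ok: true } or { ok: false, reason }.
function validateFileName(rawName) {
  if (typeof rawName !== "string") return { ok: false, reason: "empty-name" };
  // NFKC folds fullwidth look-alikes (e.g. U+FF0E) into their ASCII forms.
  const name = rawName.normalize("NFKC").trim();
  if (name.length === 0) return { ok: false, reason: "empty-name" };

  // A bare file name never contains separators, control characters or "..".
  // Rejecting every ".." sequence is deliberately conservative.
  if (/[\/\\\x00-\x1f]/.test(name) || name.includes("..")) {
    return { ok: false, reason: "path-traversal" };
  }
  // Dot files (.htaccess, .env) are hidden or configuration files.
  if (name.startsWith(".")) return { ok: false, reason: "hidden-file" };

  // Windows ignores trailing dots and spaces, so "a.exe." is really "a.exe".
  const parts = name.replace(/[. ]+$/, "").toLowerCase().split(".");
  const extensions = parts.slice(1);
  const last = extensions[extensions.length - 1];
  if (last !== undefined && DANGEROUS_EXTENSIONS.has(last)) {
    return { ok: false, reason: "dangerous-extension" };
  }
  // A dangerous extension hidden before a harmless one, e.g. "shell.php.jpg".
  if (extensions.slice(0, -1).some((ext) => DANGEROUS_EXTENSIONS.has(ext))) {
    return { ok: false, reason: "double-extension" };
  }
  return { ok: true };
}

// Constructed sample names, for illustration only.
for (const n of ["report.pdf", "shell.php.jpg", "../../etc/passwd", ".env"]) {
  console.log(n, validateFileName(n));
}
```

Checks like these in the browser give the user early feedback only; the upload endpoint has to apply the same validation, because requests can reach it without passing through the client code.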