FILE_INSECURE_EXTENSION_REGEX

Same name in other branches
  1. 9 core/modules/file/file.module \FILE_INSECURE_EXTENSION_REGEX

The regex pattern used when checking for insecure file types.

4 uses of FILE_INSECURE_EXTENSION_REGEX
FileUploadResource::prepareFilename in core/modules/file/src/Plugin/rest/resource/FileUploadResource.php
Prepares the filename to strip out any malicious extensions.
file_validate in core/modules/file/file.module
Checks that a file meets the criteria specified by the validators.
TemporaryJsonapiFileFieldUploader::prepareFilename in core/modules/jsonapi/src/Controller/TemporaryJsonapiFileFieldUploader.php
Prepares the filename to strip out any malicious extensions.
_file_save_upload_single in core/modules/file/file.module
Saves a file upload to a new location.

File

core/modules/file/file.module, line 30

Code

define('FILE_INSECURE_EXTENSION_REGEX', '/\\.(phar|php|pl|py|cgi|asp|js)(\\.|$)/i');

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.