2e7bbc6566336d6924615549b8d765f99a310bfb,src-modules/org/opencms/editors/usergenerated/CmsFormSessionSecurityUtil.java,CmsFormSessionSecurityUtil,checkCreateUpload,#CmsObject#CmsFormConfiguration#String#number#,85
Before Change
}
}
if (!foundExtension) {
throw new CmsPermissionViolationException(Messages.get().container(
Messages.ERR_UPLOAD_FILE_EXTENSION_NOT_ALLOWED_1,
name));
}
}
}
After Change
if (!config.getUploadParentFolder().isPresent()) {
String message = Messages.get().container(Messages.ERR_NO_UPLOADS_ALLOWED_0).key(
cms.getRequestContext().getLocale());
throw new CmsFormException(CmsFormConstants.ErrorCode.errNoUploadAllowed, message);
}
if (config.getMaxUploadSize().isPresent()) {
if (config.getMaxUploadSize().get().longValue() < size) {
String message = Messages.get().container(Messages.ERR_UPLOAD_TOO_BIG_1, name).key(
cms.getRequestContext().getLocale());
throw new CmsFormException(CmsFormConstants.ErrorCode.errMaxUploadSizeExceeded, message);
}
}
if (config.getValidExtensions().isPresent()) {
List<String> validExtensions = config.getValidExtensions().get();
boolean foundExtension = false;
for (String extension : validExtensions) {
if (name.toLowerCase().endsWith(extension.toLowerCase())) {
foundExtension = true;
break;
}
}
if (!foundExtension) {
String message = Messages.get().container(Messages.ERR_UPLOAD_FILE_EXTENSION_NOT_ALLOWED_1, name).key(
cms.getRequestContext().getLocale());
throw new CmsFormException(CmsFormConstants.ErrorCode.errInvalidExtension, message);
}
}
}