This pull request includes several changes to the file upload functionality in src/components/file_upload/js/global.js. The main improvements focus on enhancing file name validation, sanitizing file names, and improving error handling.
File Name Validation and Sanitization:
Introduced a new regex pattern to check for illegal characters and HTML/JS patterns in file names.
Added a new function sanitiseAndValidateFileName to sanitize file names by removing potentially dangerous and unwanted characters.
Error Handling:
Improved error messages for unsupported characters in file names and empty file uploads.
Code Refactoring:
Refactored the file handling loop to use for...of and created new File objects with sanitized file names while preserving original file properties.
Minor code cleanup and formatting improvements, including removing unnecessary lines and adding comments. [1][2]
Rework xss for file upload QHWT-1180
This pull request includes several changes to the file upload functionality in
src/components/file_upload/js/global.js. The main improvements focus on enhancing file name validation, sanitizing file names, and improving error handling.File Name Validation and Sanitization:
sanitiseAndValidateFileNameto sanitize file names by removing potentially dangerous and unwanted characters.Error Handling:
Code Refactoring:
for...ofand created newFileobjects with sanitized file names while preserving original file properties.