Open thanhtungka91 opened 2 years ago
adding the allowFileTypes
in the config file (file-manager
) seems work fine.
'allowFileTypes' => [
'jpg', 'jpeg',
]
This option works only while uploading and someone still can bypass this check by creating file first and then update the file content. This might lead to a PHP file upload and code execution vulnerability.
Does laravel-file-manager supports validation when upload like file extension such as https://unisharp.github.io/laravel-filemanager/