Closed taca closed 3 years ago
Thanks for the contribution. This was done consiously because the original filename is arbitrary user input and can technically contain anything. I can even think of possible XSS attacks.
Sure and I understand. Then I noticed that "File upload" form item has no validation for input (filename) and some check should be done. Yes, it is not the problem of contao-mp_form but Contao core...
Anyway thanks for your quick response.
I think that it is better to show original filename instead of temporary filename.