Uploaded image for project: 'Magnolia DX Core'
  1. Magnolia DX Core
  2. MGNLEE-829

Port to Master: Compromised JS files only checked if they are zipped

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Neutral Neutral
    • 6.3.0
    • None
    • None
    • None

      Steps to reproduce

      1. Go to Demo and open the Assets app
      2. Click on upload new asset and within the detail view, select the test.js file
      3. Upload it and check no security check is performed (asset uploaded)
      4. Now try the "Upload zip archive" with the test.js.zip file
      5. Check the security check prevents the user to upload the file

      Expected results

      Validator should detect correct mimeType for file. Javascript file could be uploaded if zipped or not. 

      Actual results

      If not zipped, the file is uploaded

      Workaround

      N/A

      Development notes

      N/A

        Acceptance criteria

              ricardo.gonzalez ricardo gonzalez
              ccantalapiedra Carlos Cantalapiedra
              AuthorX
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved:
                Work Started:

                  Bug DoR
                  Task DoD

                    Estimated:
                    Original Estimate - Not Specified
                    Not Specified
                    Remaining:
                    Remaining Estimate - 0d
                    0d
                    Logged:
                    Time Spent - 0.5h
                    0.5h