0
votes
var FormFileUpload = function() {
  return {
    init: function() {
      $('#fileupload').fileupload({
        disableImageResize: false,
        autoUpload: false,
        disableImageResize: /Android(?!.*Chrome)|Opera/.test(window.navigator.userAgent),
        maxFileSize: 5000000,
        acceptFileTypes: /(\.|\/)(gif|jpe?g|png)$/i,
        {
          withCredentials: true
        },
      });
      $('#fileupload').fileupload('option', 'redirect', window.location.href.replace(/\/[^\/]*$/, '/cors/result.html?%s'));
      if ($.support.cors) {
        $.ajax({
          type: 'HEAD'
        }).fail(function() {
          $('<div class="alert alert-danger"/>')
            .text('Upload server currently unavailable - ' + new Date())
            .appendTo('#fileupload');
        });
      }

      $('#fileupload').addClass('fileupload-processing');
      $.ajax({
          withCredentials: true
        },
        url: $('#fileupload').attr("action"),
        dataType: 'json',
        context: $('#fileupload')[0]
      }).always(function() {
      $(this).removeClass('fileupload-processing');
    }).done(function(result) {
      $(this).fileupload('option', 'done')
        .call(this, $.Event('done'), {
          result: result
        });
    });
  }

};

}();

jQuery(document).ready(function() {
  FormFileUpload.init();
});
  • I need to bypass file upload rules,
  • Like this script only allows gif,jpeg,png,
  • I need to upload some other format Is this possible
  • Like php,text etc..
  • Is there any way to bypass them.I am going to add this script on my website.So anyone can bypass them ,It's mandatory for my website.
2
Java is not JavaScript. Please do not use the java tag for questions that have nothing to do with Java.ajb
@Kuru Please don't suggest to remove the validation. It will be very risky and will leave a breach for malicious scriptsTushar
@Tushar understood..bypass mean no need of validation... that's why i just commented as suggestion..Kuru

2 Answers

1
votes

You just need to add the extension you want in the acceptFileTypes validation regex, like if you want to add .php and .txt, change the regex like below

acceptFileTypes: /(\.|\/)(gif|jpe?g|png|txt|php)$/i, 

So what ever file extension you need to add, just add it using | symbol. This pipe symbol is used for OR notation in Regex


Please Note: Do not allow all file types, as it would be a security breach and possible loophole for the attackers. Someone can also upload malicious scripts, so you need to be very careful here.

0
votes

you can add file type -

init: function () {
    $('#fileupload').fileupload({
        .......
        acceptFileTypes: /(\.|\/)(gif|jpe?g|png|php|txt)$/i,  

or can select all alphabetic character **(not recommended)

init: function () {
        $('#fileupload').fileupload({
            .......
            acceptFileTypes: /(\.|\/)([A-z]+)$/i,