constant FILE_INSECURE_EXTENSION_REGEX in Drupal 8

Same name and namespace in other branches

1. 9 core/modules/file/file.module \FILE_INSECURE_EXTENSION_REGEX

The regex pattern used when checking for insecure file types.

4 uses of FILE_INSECURE_EXTENSION_REGEX

FileUploadResource::prepareFilename in core/modules/file/src/Plugin/rest/resource/FileUploadResource.php

Prepares the filename to strip out any malicious extensions.

file_validate in core/modules/file/file.module

Checks that a file meets the criteria specified by the validators.

TemporaryJsonapiFileFieldUploader::prepareFilename in core/modules/jsonapi/src/Controller/TemporaryJsonapiFileFieldUploader.php

Prepares the filename to strip out any malicious extensions.

_file_save_upload_single in core/modules/file/file.module

Saves a file upload to a new location.

File

core/modules/file/file.module, line 30

Defines a "managed_file" Form API field and a "file" field for Field module.

Code

define('FILE_INSECURE_EXTENSION_REGEX', '/\\.(phar|php|pl|py|cgi|asp|js)(\\.|$)/i');