Problem Statement:
Our requirement is to block the upload of JRXML files in the user interface. There existed this setting in the documentation for version 6.0.1:
…/WEB-INF/flows/fileResourceBeans.xml
file.upload.max.size to 0, also tried 1 byte. But we are still able to upload a JRXML file.
We also tried to set a restricted regular expression for a file name and custom message in fileNameRegexp & fileNameValidationMessageKey
But still no reaction from Jasper. Can you confirm are that the settings are still in use in version 7.9.2, or have been deprecated? Can you please advise a way to block the upload of JRXML?
Solution:
You might be able to disable it by excluding all file extensions in the resource.locate.js (see below in the documentation).
https://community.jaspersoft.com/documentation/tibco-jasperreports-server-security-guide/v790/restricting-file-uploads (File upload Extensions)
Specifically, you can edit the <jasperserver-pro-war>/scripts/resource.locate.js file and modify the ALLOWED_FILE_RESOURCE_EXTENSIONS.
Recommended Comments
There are no comments to display.
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now