Jump to content
We've recently updated our Privacy Statement, available here ×

  • Restricting File Uploads JRXML

    Sarthak Chaudhary

    By Sarthak Chaudhary

      • Features: User Authorization Version: v8 Product: JasperReports® Server
     Share

    Problem Statement: 

    Our requirement is to block the upload of JRXML files in the user interface. There existed this setting in the documentation for version 6.0.1: 

    https://community.jaspersoft.com/documentation/tibco-jasperreports-server-administrator-guide/v601/restricting-file-uploads 

    …/WEB-INF/flows/fileResourceBeans.xml

    file.upload.max.size to 0, also tried 1 byte. But we are still able to upload a JRXML file.

    We also tried to set a restricted regular expression for a file name and custom message in fileNameRegexp & fileNameValidationMessageKey 

    But still no reaction from Jasper. Can you confirm are that the settings are still in use in version 7.9.2, or have been deprecated?  Can you please advise a way to block the upload of JRXML?

    Solution:

    You might be able to disable it by excluding all file extensions in the resource.locate.js (see below in the documentation). 

     

    https://community.jaspersoft.com/documentation/tibco-jasperreports-server-security-guide/v790/restricting-file-uploads (File upload Extensions)

     

    Specifically, you can edit the <jasperserver-pro-war>/scripts/resource.locate.js file and modify the ALLOWED_FILE_RESOURCE_EXTENSIONS.

     Share
    Go to entries

    User Feedback

    Recommended Comments

    There are no comments to display.



    Create an account or sign in to comment

    You need to be a member in order to leave a comment

    Create an account

    Sign up for a new account in our community. It's easy!

    Register a new account

    Sign in

    Already have an account? Sign in here.

    Sign In Now

×
×
  • Create New...

© 2024 Cloud Software Group,
Inc. All rights reserved.

Products

Explore