Skip to Main Content
HCL Domino Ideas Portal

Welcome to the #dominoforever Product Ideas Forum! The place where you can submit product ideas and enhancement request. We encourage you to participate by voting on, commenting on, and creating new ideas. All new ideas will be evaluated by HCL Product Management & Engineering teams, and the next steps will be communicated. While not all submitted ideas will be executed upon, community feedback will play a key role in influencing which ideas are and when they will be implemented.

For more information and upcoming events around #dominoforever, please visit our Destination Domino Page

Notes File upload control should have a file type checking that only permits the upload of appropriate files and does not permit uploading any server-side scripts or executable files (e.g. .php, .jsp, etc.) or client-side executable files (e.g. .exe).

Notes File upload control should have a file type checking that only permits the upload of appropriate files and does not permit uploading any server-side scripts or executable files (e.g. .php, .jsp, etc.) or client-side executable files (e.g. .exe).

Added layer of security to control the MIME type being uploaded using the File Upload Control.

  • Attach files
      Drop here to upload
    • Guest
      Reply
      |
      Jul 11, 2024

      I would like to get the file type based on the content of the file and not just based on the extension. Apache Tika could be used to get the metadata of the file and return the file type

    • Guest
      Reply
      |
      Oct 12, 2023

      Any update on this enhancement? It is a huge security ristk.

    • Guest
      Reply
      |
      Feb 14, 2022

      We have Vulnerabilities for this type of issues, is it possible to use any tools to check in form MIME type also without using xpages

    • Guest
      Reply
      |
      Sep 13, 2021

      Lotusscript should be able to know the mime of the file to be processed so that in the webquerysave it can be controlled, since it can lead to security errors among the users of the applications