Jump to content

File extensions


Recommended Posts


What's your use-case? From a security point of view it's not a good idea to allow everything. Surely you have an idea what kind of file-types will be used?

I found another forum thread where basically the same question was asked, and the gist of it was: No, you can't. Leaving the allowed extension config list empty makes it unusable, and just entering a wildcard * won't work either. @ryan takes security matters very seriously, and personally, I wouldn't want to have such a "everything goes" option built-in the core, too.

If you have to, for some reason, import data from another system, and create / populate fields via API (batch actions), you can temporarily allow each file extension that comes your way, and then switch back to a "normal" default set after save. But I guess you were asking about using the GUI options.

  • Like 5
Link to comment
Share on other sites

  • 7 months later...

It would be helpful to have a bit more flexibility on this field type.

What about, instead of any extension, an option for no extension? Use case: storing configuration files in a knowledgebase system. It is a little inconvenient to be required to rename a file or add an extension in order to upload, and once more when downloading. I appreciate it isn't a major headache to have to do that, but it all goes towards usability.

Link to comment
Share on other sites

  • 3 months later...

Hi, just bump into an issue and the impossibility to configure an option for no extension (via the admin or the wireUpload API) would have been handy.

On Android if you upload a audio file, the file is uploaded without extention (that's not a bug but an inteded thing saw a few stackoverflow threads on that). As a result I am unable to offer the possibility to upload mp3 files from a android device without some extra js code. In my use case only one admin would have had access to this uploading functionality. As a result no possibility to upload an audio file from the processwire admin if you are trying to do it from an android device. Therefore yes an option would have been nice. But I do understand the security related issues.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...