How do we restrict certain file types (extensions) from being uploaded by using TRIRIGA properties? We need to avoid users from uploading certain file extensions due to security concerns.
Due to security concerns or specific business needs, customers might want to prevent their users from uploading specific file types (extensions) into IBM TRIRIGA. IBM TRIRIGA can implement this by using restriction properties “COMPANY_FILE_” and “IMPORT_CONTENT_” (set in the TRIRIGAWEB.properties file).
- Note that “COMPANY_FILE_” is related to restrictions for image files, whereas “IMPORT_CONTENT_” is related to restrictions for document files. For each restriction type, you can have a “_EXCLUDE_” and “_INCLUDE_” set up.
- You should use either “_EXCLUDE_” or “_INCLUDE_”, but using both is not a good practice since you may have a conflict for the settings. Therefore if you use both, the “_INCLUDE_” property takes precedence. If neither of those properties is used, then file uploads are not restricted.
- When using “_EXCLUDE_”, that will be a looser restriction, meaning you will be accepting uploads of all file extensions (types), except the ones listed for the “_EXCLUDE_” property.
- When using “_INCLUDE_”, that will be a tighter restriction, meaning you will be only accepting uploads of the file extensions (types) listed for the “_INCLUDE_” property.
The available properties are listed in the TRIRIGAWEB.properties (3.4.2) page.