Using TRIRIGA web properties to restrict file types from upload


How do we restrict certain file types (extensions) from being uploaded by using TRIRIGA properties? We need to avoid users from uploading certain file extensions due to security concerns.

Due to security concerns or specific business needs, customers might want to prevent their users from uploading specific file types (extensions) into IBM TRIRIGA. IBM TRIRIGA can implement this by using restriction properties “COMPANY_FILE_” and “IMPORT_CONTENT_” (set in the TRIRIGAWEB.properties file).

  • Note that “COMPANY_FILE_” is related to restrictions for image files, whereas “IMPORT_CONTENT_” is related to restrictions for document files. For each restriction type, you can have a “_EXCLUDE_” and “_INCLUDE_” set up.
  • You should use either “_EXCLUDE_” or “_INCLUDE_”, but using both is not a good practice since you may have a conflict for the settings. Therefore if you use both, the “_INCLUDE_” property takes precedence. If neither of those properties is used, then file uploads are not restricted.
  • When using “_EXCLUDE_”, that will be a looser restriction, meaning you will be accepting uploads of all file extensions (types), except the ones listed for the “_EXCLUDE_” property.
  • When using “_INCLUDE_”, that will be a tighter restriction, meaning you will be only accepting uploads of the file extensions (types) listed for the “_INCLUDE_” property.

The available properties are listed in the TRIRIGAWEB.properties (3.4.2) page.

Continue reading 

2 thoughts on “Using TRIRIGA web properties to restrict file types from upload

  1. Pingback: Having an issue with restricting the upload of certain file types | TRIRIGAFEEDIA

  2. Pingback: IV97281: Malicious file uploads by bypassing JavaScript validation – TRIRIGAFEEDIA

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.