be clear that filtered isnt about safety

4 years ago · eb5f576034
parent f540d07e67
commit eb5f576034
2 changed files with 6 additions and 6 deletions
--- a/configs/main.js.example
+++ b/configs/main.js.example
@ -108,9 +108,9 @@ module.exports = {

 	/* filter filenames on posts and banners
 		false=no filtering
-		true=alphanumeric including underscore and hyphen
-		regex= provide a regex, e.g. /[^\w\s-]+/g */
-	safeFileNames: /[^\w\s-]+/g,
+		true=allow only A-Za-z0-9_-
+		regex=custom regex of what to replace e.g. /[^\w\s-]+/g */
+	filterFileNames: false,

 	//options for code block highlighting in posts
 	highlightOptions: {
--- a/controllers/forms.js
+++ b/controllers/forms.js
@ -3,7 +3,7 @@
 const express  = require('express')
 	, router = express.Router()
 	, Boards = require(__dirname+'/../db/boards.js')
-	, { globalLimits, debugLogs, safeFileNames } = require(__dirname+'/../configs/main.js')
+	, { globalLimits, debugLogs, filterFileNames } = require(__dirname+'/../configs/main.js')
 	//middlewares
 	, calcPerms = require(__dirname+'/../helpers/checks/calcpermsmiddleware.js')
 	, hasPerms = require(__dirname+'/../helpers/checks/haspermsmiddleware.js')
@ -27,7 +27,7 @@ const express  = require('express')
 	, postFiles = upload({
 		debug: debugLogs,
 		createParentPath: true,
-		safeFileNames,
+		safeFileNames: filterFileNames,
 		preserveExtension: 4,
 		limits: {
 			totalSize: globalLimits.postFilesSize.max,
@ -41,7 +41,7 @@ const express  = require('express')
 	, bannerFiles = upload({
 		debug: debugLogs,
 		createParentPath: true,
-		safeFileNames,
+		safeFileNames: filterFileNames,
 		preserveExtension: 3,
 		limits: {
 			totalSize: globalLimits.bannerFilesSize.max,