Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
FileUpload: Improve VirusScanner Interface
See original GitHub issueI would suggest to improve the VirusScanner interface which is intented for implementing custom scan services, so that within the implementation file metadata about the uploaded file (name, MIME-type) and a reference to the fileupload component is available. This would make it possible to log the filename etc. and to inform the user about the problem if a virus threat was detected.
Also it would be great to change the org.primefaces.virusscan.VirusException in a way that it extends javax.faces.validator.ValidatorException and the message of the thrown exception is shown as error message in the FileUpload component for informing the user about the detected problem with the file.
I described my problem here: https://forum.primefaces.org/viewtopic.php?f=3&t=61116
1) Environment
- PrimeFaces 7.0.11
- JSF: Mojarra 2.3.9.SP04
- JBoss Wildfly 18.0.1 Final
- Affected browsers: all Browsers
2) Expected behavior
The interface should perhaps look like this:
` /** * Perform virus scan and throw exception if a virus has been detected. * @param inputStream input stream to perform virus scan on * @param facesContext the current FacesContext * @param uploadedFile The uploaded file the scan is conducted for containing the files metadata * @param fileUpload the fileUpload component * @throws VirusException if a virus has been detected by the scanner */ void performVirusScan(InputStream inputStream, FacesContext facesContext, UploadedFile uploadedFile, FileUpload fileUpload) throws VirusException;
`
If it is not acceptable to provide the UploadedFile (which in turn exposes an InputStream of the uploaded file, what may not be intended.), at least the name and mime type should be provided.
3) Actual behavior
Currently only an FileInputStream is available: ` /** * Perform virus scan and throw exception if a virus has been detected. * @param inputStream input stream to perform virus scan on * @throws VirusException if a virus has been detected by the scanner */ void performVirusScan(InputStream inputStream) throws VirusException;
`
Issue Analytics
- State:
- Created 4 years ago
- Comments:7 (5 by maintainers)
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
+1 Regarding:
First problem: What about having this signature:
VirusScanner#performVirusScan(UploadedFile)as simple as that? Let me know if you need more arguments, but I feel UploadedFile contains everything you needSecond problem: fully agree, we lose on VirusException infos. We’ll have to rethink
FileUploadUtils#isValidFileimpl, maybe it should no longer return a boolean but throw an exception in case something wrong, maybeFileUploadUtils#tryValidateFileinstead?WDYT @Thomas-Schindler ?
@Rapster please also adjust the migration guide