--- a/mod_http_upload/mod_http_upload.lua Thu Apr 13 20:26:24 2017 +0200
+++ b/mod_http_upload/mod_http_upload.lua Thu Apr 13 20:29:41 2017 +0200
@@ -31,6 +31,7 @@
local file_size_limit = module:get_option_number(module.name .. "_file_size_limit", 1024 * 1024); -- 1 MB
local quota = module:get_option_number(module.name .. "_quota");
local max_age = module:get_option_number(module.name .. "_expire_after");
+local allowed_file_types = module:get_option_set(module.name .. "_allowed_file_types");
--- sanity
local parser_body_limit = module:context("*"):get_option_number("http_max_content_size", 10*1024*1024);
@@ -140,6 +141,13 @@
end
end
+ if allowed_file_types then
+ if not (allowed_file_types:contains(mimetype) or allowed_file_types:contains(mimetype:gsub("/.*", "/*"))) then
+ origin.send(st.error_reply(stanza, "cancel", "not-allowed", "File type not allowed"));
+ return true;
+ end
+ end
+
local reply = st.reply(stanza);
reply:tag("slot", { xmlns = xmlns });