Thread

This question may be related to a resolved thread.

Am working on a new site and am having problems uploading files with the XSS filter turned on. As you can see from this example file, there is nothing in there that should trigger the filter. It’s simply a text file (representation of a 3D model) that will never be executed by any browser and thus it should never have been filtered at all. I really don’t want to turn off XSS filtering, but I do of course want non-executable files to upload as they should.

The error message I get with XSS filtering on is “The file could not be written to disk”. Without the filtering, the file uploads as it should. Can you please revisit this issue and maybe also update the error message to actually tell the user that the XSS filter kicked in?

J

Hey J,

Since this is a site that you’re currently developing, is there any way you could upgrade your EE installation to 2.2 when it is released on Wednesday? There have been an immense number of bug fixes since 2.1.3, so I’d love to file a bug report or get the developers’ input on your situation based on an installation running 2.2. That way we can be sure we’re dealing with something that’s still an issue and needs to be fixed moving forward.

Does that work for you?

I’m off on a two week holiday that day, but I’ll do it as soon as I get home and re-post here.

J

Sounds good; we’ll be here.