with this regex /(.|/)(xml|xml.p7m)$/ accept xxxxx.xml, xxxx.xml.p7m but don't understand why accept xxxxx.xsl
<p:fileUpload id="invoiceFileUploadId" widgetVar="invoiceFileUpload" fileUploadListener="#{menuController.uploadInvoice}" multiple="true"
allowTypes="/(\.|\/)(xml|xml\.p7m)$/" label="#{label['upload']}" auto="true" dragDropSupport="true" process="@this" update="@this"
invalidFileMessage="#{label['msg.fileNotValid']}" onstart="blockUI();" oncomplete="onCompleteUpload();"/>
Maybe the question is a bit old, but since in Primefaces 6.1 the issue still exists, I just investigated that a bit.
You use the following value for allowTypes:
/(\.|\/)(xml|xml\.p7m)$/
I digged into the Primefaces JavaScript code to find the location where the type is actually checked, and found the following (formatted for better readability):
if (this.cfg.allowTypes
&& !(
this.cfg.allowTypes.test(a.type)
|| this.cfg.allowTypes.test(a.name))) {
/* type not allowed */
}
Hint: a is a File, having the properties name containing the file name and - more interesting - type containing the MIME type of the file (e.g. 'application/pdf').
The above PF code snippet shows that a file is only rejected, if neither its name nor its MIME type match the RegExp specified in allowTypes.
For XSL-files, the MIME-type can very well be text/xml, which matches the RegExp. The regular expression is interpreted in two totally different semantic contexts.
Side note: I always wondered why Primefaces documentation have the (\.|\/) part in the regular expression. My findings give me the impression that the . is for file extension matching, and the / is for MIME type matching. Who am I to judge?
As @kukeltje states in the comments: A regular expression like e.g. /\.(xml|xml\.p7m)$/ would fix the problem. Or let's say "avoid the problem", as the real cause of the problem is that the regular expression is interpreted in two totally different contexts.