Details
-
Improvement
-
Status: Closed
-
Major
-
Resolution: Implemented
-
Upcoming Branch
-
None
-
None
Description
In demo trunk and local with demo data in an existing agreement, no files of following type can be uploaded:
- xlsx
- pptx
- docx
in screen a message as per attached image is shown, in the console following is shown:
2024-03-05 09:22:57,838 |jsse-nio-8443-exec-4 |SecuredUpload |E| For security reason lines over 10000 are not allowed 2024-03-05 09:22:57,838 |jsse-nio-8443-exec-4 |ServiceUtil |E| {errorMessage=For security reason only valid files of supported image formats (GIF, JPEG, PNG, TIFF), SVG, PDF, and ZIP or text files with safe names (only Alpha-Numeric characters, hyphen, underscore and spaces, only 1 dot, name and extension not empty) and contents are accepted., responseMessage=error} 2024-03-05 09:22:57,838 |jsse-nio-8443-exec-4 |ServiceDispatcher |E| Error in Service [createAnonFile]: For security reason only valid files of supported image formats (GIF, JPEG, PNG, TIFF), SVG, PDF, and ZIP or text files with safe names (only Alpha-Numeric characters, hyphen, underscore and spaces, only 1 dot, name and extension not empty) and contents are accepted. 2024-03-05 09:22:57,839 |jsse-nio-8443-exec-4 |TransactionUtil |W| Calling transaction setRollbackOnly; this stack trace shows where this is happening: java.lang.Exception: Error in Service [createAnonFile]: For security reason only valid files of supported image formats (GIF, JPEG, PNG, TIFF), SVG, PDF, and ZIP or text files with safe names (only Alpha-Numeric characters, hyphen, underscore and spaces, only 1 dot, name and extension not empty) and contents are accepted. at org.apache.ofbiz.entity.transaction.TransactionUtil.setRollbackOnly(TransactionUtil.java:372) [main/:?] at org.apache.ofbiz.entity.transaction.TransactionUtil.rollback(TransactionUtil.java:306) [main/:?] at org.apache.ofbiz.service.ServiceDispatcher.runSync(ServiceDispatcher.java:577) [main/:?] at org.apache.ofbiz.service.ServiceDispatcher.runSync(ServiceDispatcher.java:244) [main/:?] at org.apache.ofbiz.service.GenericDispatcherFactory$GenericDispatcher.runSync(GenericDispatcherFactory.java:93) [main/:?] at org.apache.ofbiz.service.LocalDispatcher$runSync$0.call(Unknown Source) [main/:?] at org.apache.ofbiz.service.engine.GroovyBaseScript.runService(GroovyBaseScript.groovy:74) [main/:?] at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:?] at jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77) ~[?:?] at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:?] at java.lang.reflect.Method.invoke(Method.java:568) ~[?:?] at org.codehaus.groovy.runtime.callsite.PlainObjectMetaMethodSite.doInvoke(PlainObjectMetaMethodSite.java:48) [groovy-3.0.21.jar:3.0.21] at org.codehaus.groovy.runtime.callsite.PogoMetaMethodSite$PogoCachedMethodSite.invoke(PogoMetaMethodSite.java:166) [groovy-3.0.21.jar:3.0.21] at org.codehaus.groovy.runtime.callsite.PogoMetaMethodSite.callCurrent(PogoMetaMethodSite.java:57) [groovy-3.0.21.jar:3.0.21] at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCallCurrent(CallSiteArray.java:51) [groovy-3.0.21.jar:3.0.21] at org.codehaus.groovy.runtime.callsite.PogoMetaMethodSite.callCurrent(PogoMetaMethodSite.java:62) [groovy-3.0.21.jar:3.0.21] at org.codehaus.groovy.runtime.callsite.AbstractCallSite.callCurrent(AbstractCallSite.java:194) [groovy-3.0.21.jar:3.0.21] at org.apache.ofbiz.service.engine.GroovyBaseScript.run(GroovyBaseScript.groovy:82) [main/:?] at org.apache.ofbiz.service.engine.GroovyBaseScript$run$3.callCurrent(Unknown Source) [main/:?] at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCallCurrent(CallSiteArray.java:51) [groovy-3.0.21.jar:3.0.21] at org.codehaus.groovy.runtime.callsite.AbstractCallSite.callCurrent(AbstractCallSite.java:171) [groovy-3.0.21.jar:3.0.21] at org.codehaus.groovy.runtime.callsite.AbstractCallSite.callCurrent(AbstractCallSite.java:185) [groovy-3.0.21.jar:3.0.21] at org.apache.ofbiz.content.data.DataServicesScript.saveLocalFileDataResource(DataServicesScript.groovy:274) [script:?] at org.apache.ofbiz.content.data.DataServicesScript$saveLocalFileDataResource.callCurrent(Unknown Source) [script:?] at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCallCurrent(CallSiteArray.java:51) [groovy-3.0.21.jar:3.0.21] at org.codehaus.groovy.runtime.callsite.AbstractCallSite.callCurrent(AbstractCallSite.java:171) [groovy-3.0.21.jar:3.0.21] at org.codehaus.groovy.runtime.callsite.AbstractCallSite.callCurrent(AbstractCallSite.java:185) [groovy-3.0.21.jar:3.0.21] at org.apache.ofbiz.content.data.DataServicesScript.attachUploadToDataResource(DataServicesScript.groovy:179) [script:?] at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:?] at jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77) ~[?:?] at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:?] at java.lang.reflect.Method.invoke(Method.java:568) ~[?:?] at org.codehaus.groovy.reflection.CachedMethod.invoke(CachedMethod.java:107) [groovy-3.0.21.jar:3.0.21] at groovy.lang.MetaMethod.doMethodInvoke(MetaMethod.java:323) [groovy-3.0.21.jar:3.0.21] at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1254) [groovy-3.0.21.jar:3.0.21] at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1030) [groovy-3.0.21.jar:3.0.21] at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:814) [groovy-3.0.21.jar:3.0.21] at groovy.lang.GroovyObject.invokeMethod(GroovyObject.java:39) [groovy-3.0.21.jar:3.0.21] at groovy.lang.Script.invokeMethod(Script.java:96) [groovy-3.0.21.jar:3.0.21] at org.apache.ofbiz.service.engine.GroovyEngine.runSync(GroovyEngine.java:110) [main/:?] at org.apache.ofbiz.service.ServiceDispatcher.runSync(ServiceDispatcher.java:428) [main/:?] at org.apache.ofbiz.service.ServiceDispatcher.runSync(ServiceDispatcher.java:244) [main/:?] at org.apache.ofbiz.service.group.GroupServiceModel.invoke(GroupServiceModel.java:121) [main/:?] at org.apache.ofbiz.service.group.GroupModel.runAll(GroupModel.java:172) [main/:?] at org.apache.ofbiz.service.group.GroupModel.run(GroupModel.java:135) [main/:?] at org.apache.ofbiz.service.group.ServiceGroupEngine.runSync(ServiceGroupEngine.java:54) [main/:?] at org.apache.ofbiz.service.ServiceDispatcher.runSync(ServiceDispatcher.java:428) [main/:?] at org.apache.ofbiz.service.ServiceDispatcher.runSync(ServiceDispatcher.java:244) [main/:?] at org.apache.ofbiz.service.group.GroupServiceModel.invoke(GroupServiceModel.java:121) [main/:?] at org.apache.ofbiz.service.group.GroupModel.runAll(GroupModel.java:172) [main/:?] at org.apache.ofbiz.service.group.GroupModel.run(GroupModel.java:135) [main/:?] at org.apache.ofbiz.service.group.ServiceGroupEngine.runSync(ServiceGroupEngine.java:54) [main/:?] at org.apache.ofbiz.service.ServiceDispatcher.runSync(ServiceDispatcher.java:428) [main/:?] at org.apache.ofbiz.service.ServiceDispatcher.runSync(ServiceDispatcher.java:244) [main/:?] at org.apache.ofbiz.service.GenericDispatcherFactory$GenericDispatcher.runSync(GenericDispatcherFactory.java:93) [main/:?] at org.apache.ofbiz.webapp.event.ServiceEventHandler.invoke(ServiceEventHandler.java:254) [main/:?] at org.apache.ofbiz.webapp.control.RequestHandler.runEvent(RequestHandler.java:1078) [main/:?] at org.apache.ofbiz.webapp.control.RequestHandler.doRequest(RequestHandler.java:678) [main/:?] at org.apache.ofbiz.webapp.control.ControlServlet.handle(ControlServlet.java:231) [main/:?] at org.apache.ofbiz.webapp.control.ControlServlet.doPost(ControlServlet.java:81) [main/:?] at javax.servlet.http.HttpServlet.service(HttpServlet.java:555) [tomcat-servlet-api-9.0.82.jar:4.0.FR] at javax.servlet.http.HttpServlet.service(HttpServlet.java:623) [tomcat-servlet-api-9.0.82.jar:4.0.FR] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:209) [tomcat-catalina-9.0.82.jar:9.0.82] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153) [tomcat-catalina-9.0.82.jar:9.0.82] at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:51) [tomcat-embed-websocket-9.0.82.jar:9.0.82] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178) [tomcat-catalina-9.0.82.jar:9.0.82] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153) [tomcat-catalina-9.0.82.jar:9.0.82] at org.apache.ofbiz.webapp.control.SameSiteFilter.doFilter(SameSiteFilter.java:45) [main/:?] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178) [tomcat-catalina-9.0.82.jar:9.0.82] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153) [tomcat-catalina-9.0.82.jar:9.0.82] at org.apache.ofbiz.webapp.control.ContextFilter.doFilter(ContextFilter.java:188) [main/:?] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178) [tomcat-catalina-9.0.82.jar:9.0.82] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153) [tomcat-catalina-9.0.82.jar:9.0.82] at org.apache.ofbiz.webapp.control.ControlFilter.doFilter(ControlFilter.java:176) [main/:?] at javax.servlet.http.HttpFilter.doFilter(HttpFilter.java:53) [tomcat-servlet-api-9.0.82.jar:4.0.FR] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178) [tomcat-catalina-9.0.82.jar:9.0.82] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153) [tomcat-catalina-9.0.82.jar:9.0.82] at org.apache.logging.log4j.web.Log4jServletFilter.doFilter(Log4jServletFilter.java:71) [log4j-web-2.20.0.jar:2.20.0] at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178) [tomcat-catalina-9.0.82.jar:9.0.82] at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153) [tomcat-catalina-9.0.82.jar:9.0.82] at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:168) [tomcat-catalina-9.0.82.jar:9.0.82] at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:90) [tomcat-catalina-9.0.82.jar:9.0.82] at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:481) [tomcat-catalina-9.0.82.jar:9.0.82] at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:130) [tomcat-catalina-9.0.82.jar:9.0.82] at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:93) [tomcat-catalina-9.0.82.jar:9.0.82] at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74) [tomcat-catalina-9.0.82.jar:9.0.82] at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:670) [tomcat-catalina-9.0.82.jar:9.0.82] at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342) [tomcat-catalina-9.0.82.jar:9.0.82] at org.apache.coyote.http2.StreamProcessor.service(StreamProcessor.java:432) [tomcat-coyote-9.0.82.jar:9.0.82] at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:63) [tomcat-coyote-9.0.82.jar:9.0.82] at org.apache.coyote.http2.StreamProcessor.process(StreamProcessor.java:90) [tomcat-coyote-9.0.82.jar:9.0.82] at org.apache.coyote.http2.StreamRunnable.run(StreamRunnable.java:35) [tomcat-coyote-9.0.82.jar:9.0.82] at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1191) [tomcat-util-9.0.82.jar:9.0.82] at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659) [tomcat-util-9.0.82.jar:9.0.82] at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) [tomcat-util-9.0.82.jar:9.0.82] at java.lang.Thread.run(Thread.java:833) [?:?] 2024-03-05 09:22:57,840 |jsse-nio-8443-exec-4 |ServiceDispatcher |T| Sync service [accounting/createAnonFile] finished in [3] milliseconds 2024-03-05 09:22:57,840 |jsse-nio-8443-exec-4 |ServiceUtil |E| {errorMessage=For security reason only valid files of supported image formats (GIF, JPEG, PNG, TIFF), SVG, PDF, and ZIP or text files with safe names (only Alpha-Numeric characters, hyphen, underscore and spaces, only 1 dot, name and extension not empty) and contents are accepted., responseMessage=error} 2024-03-05 09:22:57,840 |jsse-nio-8443-exec-4 |ServiceDispatcher |E| Error in Service [attachUploadToDataResource]: For security reason only valid files of supported image formats (GIF, JPEG, PNG, TIFF), SVG, PDF, and ZIP or text files with safe names (only Alpha-Numeric characters, hyphen, underscore and spaces, only 1 dot, name and extension not empty) and contents are accepted. 2024-03-05 09:22:57,840 |jsse-nio-8443-exec-4 |TransactionUtil |I| Transaction rollback only not set, rollback only is already set. 2024-03-05 09:22:57,840 |jsse-nio-8443-exec-4 |ServiceDispatcher |T| Sync service [accounting/attachUploadToDataResource] finished in [12] milliseconds 2024-03-05 09:22:57,840 |jsse-nio-8443-exec-4 |GroupModel |E| Grouped service [attachUploadToDataResource] failed. 2024-03-05 09:22:57,840 |jsse-nio-8443-exec-4 |ServiceDispatcher |E| Error in Service [createContentFromUploadedFile]: For security reason only valid files of supported image formats (GIF, JPEG, PNG, TIFF), SVG, PDF, and ZIP or text files with safe names (only Alpha-Numeric characters, hyphen, underscore and spaces, only 1 dot, name and extension not empty) and contents are accepted. 2024-03-05 09:22:57,840 |jsse-nio-8443-exec-4 |TransactionUtil |I| Transaction rollback only not set, rollback only is already set. 2024-03-05 09:22:5// code placeholder