Skip to content

6.2.0
Compare
Choose a tag to compare
@parseplatformorg parseplatformorg released this 20 May 23:24
· 528 commits to release since this release
6.2.0
1506273

6.2.0 (2023-05-20)

Features

  • Add new Parse Server option fileUpload.fileExtensions to restrict file upload by file extension; this fixes a security vulnerability in which a phishing attack could be performed using an uploaded HTML file; by default the new option only allows file extensions matching the regex pattern ^[^hH][^tT][^mM][^lL]?$, which excludes HTML files; if your app currently depends on uploading files with HTML file extensions then this may be a breaking change and you could allow HTML file upload by setting the option to ['.*'] (#8538) (a318e7b)
Assets 2
Loading