This is more of a note to people that might encounter the same issue than it is a complaint or "OMG A BUG!!!" post... This is definitely one of those easy-to-overlook items, and not something that I've seen noted online.
When you browse for a file via the Flash FileReference.browse() method and have supplied a filetype description/extension filter, a user can bypass the filter by simply typing in the name of the file they wish to upload.
This is fairly consistent with HTML file uploads in browsers, as most (if not all) ignore the "accept" filetype filter param and just upload whatever to the server.
So - you might want to double-check the file type in your onSelect function before sending to the server, and triple-checking on your upload script. Just don't count of the file being what you set the filter for.
No Comments for this post yet...
Comments are closed for this post.
The opinions expressed on this blog are those of the author only and are not necessarily those of his employer.