Regular expression for excluding file types .exe and .js

StackOverflow https://stackoverflow.com/questions/23178316

Question

I am using JQuery File upload plugin, for giving value to the option accept files I need the regular expression which will tells what are the file types to be restricted. I need to restrict both exe and js which i achieved by using below expression

(\.|\/)(!exe|!js)$

But this is expression was not allowing other files as well then I tried adding one extension as below

(\.|\/)(!exe|!js|pdf)$

With Above regular expression it is accepting only pdf and not accepting exe and JS. Now I need to enable for all file extentions except exe and js. It will be difficult to add all the extensions to the expression. Can we mention some how in the expression to accept other filetypes except exe and js in the similar format above. This regular expression is for JS.

Thanks,

Vinay

Was it helpful?

Solution

This will exclude .js and .exe at the end of the string, but allow anything else:

/^[^.]+$|\.(?!(js|exe)$)([^.]+$)/

Broken down:

  1. ^[^.]+$ matches any string with no dots
  2. \.(?!(js|exe)$)([^.]+$) matches a dot only if it is not followed by js or exe at the end of the string.

The following are allowed:

  • something.js.notjs
  • somethingelse.exee
  • /something.js/foo

The following are not allowed:

  • jquery.js
  • outlook.exe

Note: excluding certain file extensions is not a substitute for security, and even if it were JS and EXE files would not be a comprehensive blacklist. If your purpose in excluding certain extensions is to protect your server or your users, consider a white list of extensions and a thorough validation of file data after upload.

OTHER TIPS

You're looking to use the (?!pattern) syntax. Also, while stating what you want to match, you aren't stating what should match. So this should do the trick:

(\.|\/)(?!exe|js).*$

This is saying "Match anything that's a dot (.) as long as it's not followed by 'exe' or 'js', and then match whatever you want after that."

I do not know this work or not but 99% this will work for you to exclude this exe or js extension use following pattern

/\.(exe|js)$/ig

Following code give you TRUE when file is on your blacklist. Otherwise give you FALSE

var result = /\.(exe|js)$/ig.test(filename);

Hope this help you!

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top