Regular expression for excluding file types .exe and .js
I am using JQuery File upload plugin, for giving value to the option accept files I need the regular expression which will tells what are the file types to be restricted. I need to restrict both exe and js which i achieved by using below expression
(\.|\/)(!exe|!js)$
But this is expression was not allowing other files as well then I tried adding one extension as below
(\.|\/)(!exe|!js|pdf)$
With Above regular expression it is accepting only pdf and not accepting exe and JS. Now I need to enable for all file extentions except exe and js. It will be difficult to add all the extensions to the expression. Can we mention some how in the expression to accept other filetypes except exe and js in the similar format above. This regular expression is for JS.
Thanks,
Vinay
Answer
This will exclude .js and .exe at the end of the string, but allow anything else:
/^[^.]+$|\.(?!(js|exe)$)([^.]+$)/
Broken down:
^[^.]+$matches any string with no dots\.(?!(js|exe)$)([^.]+$)matches a dot only if it is not followed byjsorexeat the end of the string.
The following are allowed:
something.js.notjssomethingelse.exee/something.js/foo
The following are not allowed:
jquery.jsoutlook.exe
Note: excluding certain file extensions is not a substitute for security, and even if it were JS and EXE files would not be a comprehensive blacklist. If your purpose in excluding certain extensions is to protect your server or your users, consider a white list of extensions and a thorough validation of file data after upload.