Validate MIME Type for Multi-Extension Filenames, Polyglot Files, and Null-Byte Injection

  • Release version: Australia
  • Updated: March 12, 2026
  • Time to read: 3 minutes
  • Use a system property to prevent attachments from bypassing MIME-type restrictions.

    Use the glide.attachment.enable_secure_filename_validation system property to enable strict validation of attachment file names. This prevents attachments from bypassing MIME-type restrictions. When set to true, the platform performs full file name sanitization and rejects unsafe patterns that could otherwise be used to upload malicious files.

    Add a record to the System Properties [sys_properties] table with the name glide.attachment.enable_secure_filename_validation and a value of true.

    More information

    Attribute              Description
    Configuration name     glide.attachment.enable_secure_filename_validation
    Configuration type     System Properties (/sys_properties_list.do)
    Data type              Boolean
    Recommended value      true
    Default value          false
    Fallback value         false
    Category               Validation, sanitization, and encoding
    Security risk          • Severity score: 4.6
                           • CVSS score: Medium
                           • Security risk details: MIME type validation for file attachments doesn't take place in multi-extension processing or when null bytes are present. This allows attackers to circumvent the glide.attachment.extensions and glide.security.file.mime_type.validation system properties through null-byte injection, multi-extension file names and polyglot files, leading to malicious file uploads.

    Functional impact

    When the glide.attachment.enable_secure_filename_validation property is set to true:

    • Uploads that previously passed may now be rejected.
    • Integrations or automations that rely on generating file names with multiple dots or unusual patterns may fail until updated.
    • Custom UI pages, scoped apps, or API consumers that upload files programmatically (especially with templated file names) may hit validation errors.
    • CI/CD pipelines that import files, ATF tests, or legacy scripts may need updates to ensure compliant file names.

    Functionality that does not rely on unsafe file name patterns continues to work normally.
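The following is an added example, not ServiceNow platform code, illustrating the two sides of this change: a strict file name validator that rejects the patterns named in the security risk details (null bytes, multi-extension names, content whose leading bytes do not match the declared extension), and a normalizer that integrations producing templated names with multiple dots can apply before uploading. The extension allow-list, the magic-byte table and the sample file contents are constructed for this example; the markup check for polyglots is deliberately simple and is an assumption about what such a check might look like, not a description of the platform's own logic.

```javascript
// Added example; not ServiceNow platform code. Allow-list, magic-byte table and
// sample inputs are constructed for illustration.
const DEFAULT_ALLOWED = ['png', 'gif', 'jpg', 'jpeg', 'pdf', 'txt'];

// Leading bytes expected for each binary type in the allow-list (assumed table).
const MAGIC = {
  png: [0x89, 0x50, 0x4e, 0x47], // \x89PNG
  gif: [0x47, 0x49, 0x46, 0x38], // GIF8
  jpg: [0xff, 0xd8, 0xff],
  jpeg: [0xff, 0xd8, 0xff],
  pdf: [0x25, 0x50, 0x44, 0x46], // %PDF
};

function fail(reason) {
  return { ok: false, reason };
}

function bytesToLatin1(bytes) {
  let s = '';
  for (const b of bytes) s += String.fromCharCode(b);
  return s;
}

// Strict validation: null/control bytes, path separators and multi-extension
// names are rejected before the extension is consulted; the content's leading
// bytes must then match what the final extension claims.
function validateAttachmentFilename(name, bytes, opts = {}) {
  const allowed = opts.allowed || DEFAULT_ALLOWED;
  const strict = opts.strict !== false; // strict mode is the default here
  if (typeof name !== 'string' || name.length === 0) return fail('empty file name');
  if (/[\u0000-\u001f\u007f]/.test(name)) return fail('null or control byte in file name');
  if (/[\\/]/.test(name) || name.includes('..')) return fail('path characters in file name');
  const parts = name.split('.');
  if (parts.length < 2 || parts[0] === '') return fail('missing or leading-dot extension');
  const exts = parts.slice(1).map((e) => e.toLowerCase());
  if (strict && exts.length > 1) return fail('multiple extensions: ' + exts.join('.'));
  const ext = exts[exts.length - 1];
  if (!allowed.includes(ext)) return fail('extension not allowed: ' + ext);
  const sig = MAGIC[ext];
  if (sig) {
    if (bytes.length < sig.length || !sig.every((b, i) => bytes[i] === b)) {
      return fail('content does not match ' + ext + ' signature');
    }
    // Lightweight polyglot check (assumed): a binary image or PDF should not
    // carry HTML/script markup anywhere in its body.
    if (/<script|<html|<\?php/i.test(bytesToLatin1(bytes))) {
      return fail('markup embedded in binary content (possible polyglot)');
    }
  }
  return { ok: true, reason: '' };
}

// For integrations that build templated names: drop control and path
// characters, collapse inner dots and unsafe characters in the base name, and
// keep exactly one lower-case extension so the result passes strict validation.
function normalizeFilename(name) {
  const cleaned = name.replace(/[\u0000-\u001f\u007f\\/]/g, '');
  const idx = cleaned.lastIndexOf('.');
  if (idx <= 0) return cleaned.replace(/[^A-Za-z0-9_-]/g, '_');
  const base = cleaned.slice(0, idx).replace(/[^A-Za-z0-9_-]/g, '_');
  const ext = cleaned.slice(idx + 1).toLowerCase().replace(/[^a-z0-9]/g, '');
  return base + '.' + ext;
}

// Constructed sample contents.
const enc = (s) => Array.from(s, (c) => c.charCodeAt(0));
const PDF_SAMPLE = enc('%PDF-1.4\n1 0 obj\n<<>>\nendobj\n');
const PNG_SAMPLE = [0x89, 0x50, 0x4e, 0x47, 0x0d, 0x0a, 0x1a, 0x0a, 0, 0, 0, 13];
const GIF_SAMPLE = enc('GIF89a\u0001\u0000\u0001\u0000');
const GIF_WITH_MARKUP = enc('GIF89a<html>'); // valid GIF header followed by markup

// Stand-alone demo: prints the verdict for each constructed case.
const cases = [
  ['report.pdf', PDF_SAMPLE],
  ['report.txt\u0000.png', PNG_SAMPLE],
  ['report.txt.png', PNG_SAMPLE],
  ['photo.png', GIF_WITH_MARKUP],
  ['photo.gif', GIF_WITH_MARKUP],
  [normalizeFilename('report.2026.03.12.pdf'), PDF_SAMPLE],
];
for (const [n, b] of cases) {
  const r = validateAttachmentFilename(n, b);
  console.log(JSON.stringify(n), r.ok ? 'accepted' : 'rejected: ' + r.reason);
}
```

Running the demo shows the templated name `report.2026.03.12.pdf` being rejected in strict mode until `normalizeFilename` rewrites it to `report_2026_03_12.pdf`, which is the kind of adjustment the functional-impact list above anticipates for integrations and scripts.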

    Dependencies and prerequisites None