Upload and download restrictions for attachments can be set based on file type. Using this feature can restrict potentially malicious or unwanted file types from being uploaded. You can also restrict certain file types from being displayed in the browser on download. The attachment settings for both uploads and downloads can be found on the Admin panel: Content section > Files and images page.
Upload file options
The Uploading files section on the Files and images page has two fields available for entry. The Upload all file types except list is a blacklist that will restrict only those file types that are specified. The Only upload these file types list is a whitelist that will restrict all attachments from being uploaded except those specified.
Choose the list type that is most appropriate for your restriction scheme by selecting the radio button beside it. Then enter the list of file extensions in a comma-separated list. Click Save when you are done.
The following shows the ThoughtFarmer default values for the upload attachment settings:
Note: If you change the list to exclude files that have previously been uploaded, they will no longer display. For images uploaded through the Rich Text Editor, only new image uploads will be affected. Previously uploaded images will continue to display.
Display files in the browser
The Display files in the browser setting dictates which file types will be displayed in the browser (where possible). Listing file extensions under this setting enables the View in browser option in file menus and file icons for files of those types. File types not listed will not display the View in browser option, and must be downloaded instead. The default file types for this setting are pdf, jpg, gif, png, tiff and svg.
Note: Some file types must be downloaded and saved locally before viewing regardless of the download settings in ThoughtFarmer.