For Security requirements, I have a requirement to implement checks on the file attached.
I’ve already extended activity CallVirusCheck to verify the file extension, but how can I test if the extension corresponds to the real file format?
ex: pdf extension is a real pdf file and not a text file with modified extension
Thanks!
@Deven ,
Create a function with below code, call this function after uploading the file using AttachFile Control(may be in post activity of Flow action where upload control is present).
If function returns true, file is valid PDF format, else not.
PRThread thisThread = (PRThread)ThreadContainer.get();
ClipboardPage pgRequestorPage = thisThread.getPublicAPI().getRequestor().getRequestorPage();
PRFile objFile = pega_rules_utilities.pzGetUploadedFile(pgRequestorPage);
try
{
org.apache.pdfbox.pdmodel.PDDocument doc=org.apache.pdfbox.pdmodel.PDDocument.load(new PRInputStream(objFile));
}
catch (Throwable e)
{
return false;
}
return true;
Hope this helps.
Thanks
Krishna
Resolved the issue. Added the custom java code for MIME type identification by using the TIKA library.
@Deven Can you please help us with the custom java code used to solve the issue. Is it only for PDF’s or it can defect other file types?
@KiranKumarS3582 the code will work for all files once you get the MIME type. please find the below link for more details.