diff --git a/core/modules/file/src/Plugin/Field/FieldType/FileItem.php b/core/modules/file/src/Plugin/Field/FieldType/FileItem.php index c5fb40b215..636c4ce5b8 100644 --- a/core/modules/file/src/Plugin/Field/FieldType/FileItem.php +++ b/core/modules/file/src/Plugin/Field/FieldType/FileItem.php @@ -238,7 +238,7 @@ public static function validateExtensions($element, FormStateInterface $form_sta if (!in_array('txt', $extension_array) && !\Drupal::config('system.file')->get('allow_insecure_uploads')) { foreach ($extension_array as $extension) { if (preg_match(FILE_INSECURE_EXTENSION_REGEX, 'test.' . $extension)) { - $form_state->setError($element, t('The extension %extension is insecure. In order to allow it to be uploaded allow the "txt" extension.', ['%extension' => $extension])); + $form_state->setError($element, t('The extension %extension is insecure. In order to allow files with this extension to be uploaded add the %txt_extension extension as well.', ['%extension' => $extension, '%txt_extension' => 'txt'])); } } } diff --git a/core/modules/file/src/Tests/FileFieldWidgetTest.php b/core/modules/file/src/Tests/FileFieldWidgetTest.php index 994a318a8f..7b50e4109a 100644 --- a/core/modules/file/src/Tests/FileFieldWidgetTest.php +++ b/core/modules/file/src/Tests/FileFieldWidgetTest.php @@ -352,7 +352,7 @@ public function testFileExtensionsSetting() { // By default allowing PHP files without TXT is not permitted. $edit = ['settings[file_extensions]' => 'jpg php']; $this->drupalPostForm("admin/structure/types/manage/$type_name/fields/$field_id", $edit, t('Save settings')); - $this->assertText('The extension php is insecure. In order to allow it to be uploaded allow the "txt" extension.'); + $this->assertText('The extension php is insecure. In order to allow files with this extension to be uploaded add the txt extension as well.'); // Test allowing PHP and TXT. $edit = ['settings[file_extensions]' => 'jpg php txt']; diff --git a/core/modules/rest/tests/src/Functional/FileUploadResourceTestBase.php b/core/modules/rest/tests/src/Functional/FileUploadResourceTestBase.php index a5aeef3a51..52aabe86d7 100644 --- a/core/modules/rest/tests/src/Functional/FileUploadResourceTestBase.php +++ b/core/modules/rest/tests/src/Functional/FileUploadResourceTestBase.php @@ -498,8 +498,7 @@ public function testFileUploadMaliciousExtension() { // Add php as an allowed format without txt. Allow insecure uploads still // being FALSE should not allow this. - $this->field->setSetting('file_extensions', 'php') - ->save(); + $this->field->setSetting('file_extensions', 'php')->save(); $this->refreshTestStateAfterRestConfigChange(); $response = $this->fileRequest($uri, $php_string, ['Content-Disposition' => 'filename="example_5.php"']);