From 8fddd33f4becb0981c8ee467ff012680989adce3 Mon Sep 17 00:00:00 2001
From: Eldad Fux <eldad.fux@gmail.com>
Date: Wed, 27 Jan 2021 00:15:20 +0200
Subject: [PATCH] Added file type validation

---
 app/controllers/api/functions.php | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/app/controllers/api/functions.php b/app/controllers/api/functions.php
index 733a20dddb..e9dd135c4b 100644
--- a/app/controllers/api/functions.php
+++ b/app/controllers/api/functions.php
@@ -440,9 +440,9 @@ App::post('/v1/functions/:functionId/tags')
         $file['size'] = (\is_array($file['size']) && isset($file['size'][0])) ? $file['size'][0] : $file['size'];
 
         // Check if file type is allowed (feature for project settings?)
-        // if (!$fileType->isValid($file['tmp_name'])) {
-        //     throw new Exception('File type not allowed', 400);
-        // }
+        if (!$fileType->isValid($file['tmp_name'])) {
+            throw new Exception('File type not allowed', 400);
+        }
 
         if (!$fileSize->isValid($file['size'])) { // Check if file size is exceeding allowed limit
             throw new Exception('File size not allowed', 400);