So after much hair pulling, I finally found the answer and wanted to share with everyone in case anyone has this issue in the future. I spent ages trying to workout how to edit the upload function, this seemed to be the hardest part as locating this file or extension or whatever it could have been was infuriating.
I decided to go back to basics instead of trawling the internet. So I inspected the source could of one of my pages which has the upload function at the bottom and noticed that the file was being controlled by the upload.js file, if you click on the location of this file i.e. the src="<wiki_domain>/location/of/file/upload.js" you can then view the contents of this file. I then stumbled upon the following documentation:
This shows that there is a filter available but it’s defaulted to allowing all MIME types and even shows the regex style for formatting, there example is images. I then looked in the upload.js file in the browser and looked for the variable ‘fileFilter’ which amazingly was there and looks like this, just a small snippet of the file:
I then needed to find this file so proceeded to hunt this down, just so you know I installed the wiki on a ubuntu box, so the location of this file for me was:
I then proceeded to find that regex and after some playing around changed the code to look like the following:
Then I restarted the tomcat8 server to make sure the changes have been implemented and low and behold only the following files were permitted: PNG, JPEG, PowerPoint, Word, and PDF.
You can obviously change the files that you want and make the restrictions more open for example allowing all image types would look like the following:
I know this is a massive post but wanted to make it clear to all how to fix this issue. There is a massive security risk to the application and the server if users can upload any files types, I would highly recommend locking this functionality down.
Hope it’s helped