From 5c824a20306d362c03b2c308d9cff1c4f446f6dc Mon Sep 17 00:00:00 2001 From: Waleed Latif Date: Fri, 27 Mar 2026 16:46:37 -0700 Subject: [PATCH 1/2] fix(knowledge): reject non-alphanumeric file extensions from document names --- apps/sim/lib/knowledge/documents/parser-extension.ts | 5 ++--- apps/sim/lib/uploads/utils/validation.ts | 6 ++++-- 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/apps/sim/lib/knowledge/documents/parser-extension.ts b/apps/sim/lib/knowledge/documents/parser-extension.ts index ab32a7da1ed..db8765f14a5 100644 --- a/apps/sim/lib/knowledge/documents/parser-extension.ts +++ b/apps/sim/lib/knowledge/documents/parser-extension.ts @@ -29,9 +29,8 @@ export function resolveParserExtension( mimeType?: string, fallback?: string ): string { - const filenameExtension = filename.includes('.') - ? filename.split('.').pop()?.toLowerCase() - : undefined + const raw = filename.includes('.') ? filename.split('.').pop()?.toLowerCase() : undefined + const filenameExtension = raw && /^[a-z0-9]+$/.test(raw) ? raw : undefined if (filenameExtension && isSupportedParserExtension(filenameExtension)) { return filenameExtension diff --git a/apps/sim/lib/uploads/utils/validation.ts b/apps/sim/lib/uploads/utils/validation.ts index f9bc0221801..3eba57387ab 100644 --- a/apps/sim/lib/uploads/utils/validation.ts +++ b/apps/sim/lib/uploads/utils/validation.ts @@ -137,7 +137,8 @@ export interface FileValidationError { * Validate if a file type is supported for document processing */ export function validateFileType(fileName: string, mimeType: string): FileValidationError | null { - const extension = path.extname(fileName).toLowerCase().substring(1) as SupportedDocumentExtension + const raw = path.extname(fileName).toLowerCase().substring(1) + const extension = (/^[a-z0-9]+$/.test(raw) ? raw : '') as SupportedDocumentExtension if (!SUPPORTED_DOCUMENT_EXTENSIONS.includes(extension)) { return { @@ -221,7 +222,8 @@ export function validateMediaFileType( fileName: string, mimeType: string ): FileValidationError | null { - const extension = path.extname(fileName).toLowerCase().substring(1) + const raw = path.extname(fileName).toLowerCase().substring(1) + const extension = /^[a-z0-9]+$/.test(raw) ? raw : '' const isAudio = SUPPORTED_AUDIO_EXTENSIONS.includes(extension as SupportedAudioExtension) const isVideo = SUPPORTED_VIDEO_EXTENSIONS.includes(extension as SupportedVideoExtension) From ce71ebf1f2de0d21e7de6c9a1fabb3ba965d78e1 Mon Sep 17 00:00:00 2001 From: Waleed Latif Date: Fri, 27 Mar 2026 16:51:49 -0700 Subject: [PATCH 2/2] fix(knowledge): improve error message when extension is non-alphanumeric --- apps/sim/lib/uploads/utils/validation.ts | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/apps/sim/lib/uploads/utils/validation.ts b/apps/sim/lib/uploads/utils/validation.ts index 3eba57387ab..94456e726ec 100644 --- a/apps/sim/lib/uploads/utils/validation.ts +++ b/apps/sim/lib/uploads/utils/validation.ts @@ -143,7 +143,7 @@ export function validateFileType(fileName: string, mimeType: string): FileValida if (!SUPPORTED_DOCUMENT_EXTENSIONS.includes(extension)) { return { code: 'UNSUPPORTED_FILE_TYPE', - message: `Unsupported file type: ${extension}. Supported types are: ${SUPPORTED_DOCUMENT_EXTENSIONS.join(', ')}`, + message: `Unsupported file type${extension ? `: ${extension}` : ` for "${fileName}"`}. Supported types are: ${SUPPORTED_DOCUMENT_EXTENSIONS.join(', ')}`, supportedTypes: [...SUPPORTED_DOCUMENT_EXTENSIONS], } } @@ -231,7 +231,7 @@ export function validateMediaFileType( if (!isAudio && !isVideo) { return { code: 'UNSUPPORTED_FILE_TYPE', - message: `Unsupported media file type: ${extension}. Supported audio types: ${SUPPORTED_AUDIO_EXTENSIONS.join(', ')}. Supported video types: ${SUPPORTED_VIDEO_EXTENSIONS.join(', ')}`, + message: `Unsupported media file type${extension ? `: ${extension}` : ` for "${fileName}"`}. Supported audio types: ${SUPPORTED_AUDIO_EXTENSIONS.join(', ')}. Supported video types: ${SUPPORTED_VIDEO_EXTENSIONS.join(', ')}`, supportedTypes: [...SUPPORTED_AUDIO_EXTENSIONS, ...SUPPORTED_VIDEO_EXTENSIONS], } }