As you might know, the WEBGUI File Browser is replacing the Java Applet to perform download/upload operations via WEBGUI.
You can use the WEBGUI File Browser in all web browsers supported by PAM: check my previous blog about it.
Today I want to present a new feature: white list and black list of the content that can be displayed via WEBGUI file browser.
MP4: No, no, no!
For testing purposes, I uploaded a MP4 video file to a purchase order in my test system.
Here you can see the attachment list:
When I select the Video row and click on the display button, the following popup appears:
So, before I can view a file, the same should be available via virtual file system.
When I confirm this popup, I receive the information that “mp4” files cannot be opened:
And, confirming this popup brings another popup:
What happens via WEBGUI File Browser?
Now I have the file stored in the virtual file system:
When I access the WEBGUI File Browser and try to see the file, I receive more information:
So, the only way to visualize the content of the MP4 file is: export the file to the local file system first, then the file can be opened.
White List, Black List
There is a list of allowed file types and mp4 is not included there.
A new parameter is available:
One example of use:
So, if I want to allow the MP4 file type:
If I would like to block access to HTML files, then another parameter needs to be used:
My setting is:
The GUI Configuration of my test system (WEBGUI service):
Now, if I try to visualize the video, the player is called and the video displayed.
If you want to use this new feature, then please read SAP note 2305615: a kernel upgrade is required.
The list of allowed extensions is also available in the note.