Parse File Upload bug when multiple '.' in the filename

[JustACodeMonkey]

New Issue Checklist

• I am not disclosing a vulnerability.
• I am not just asking a question.
• I have searched through existing issues.
• I can reproduce the issue with the latest version of Parse Server.

Issue Description

Lines 142 and 144 of Routers -> FilesRouter.js determine the file extension by splitting on either '.' or '/' and then taking position [1]. If a file has multiple '.' in the file name, the extension is incorrectly determined. For example an image file with the name PXL_20220317_175936064.PORTRAIT.jpg returns an extension of PORTRAIT instead of jpg, when then throws an error "error: File upload of extension PORTRAIT is disabled."

Steps to reproduce

Upload an image with multiple periods in the file name where the name portion at index 1 is not a known image type.

Actual Outcome

Parse Server throws an error "error: File upload of extension PORTRAIT is disabled."

Expected Outcome

Images should be uploaded correctly and the extension should be determined correctly

This can be fixed by changing
if (filename && filename.includes('.')) {
extension = filename.split('.')[1];
} else if (contentType && contentType.includes('/')) {
extension = contentType.split('/')[1];
}
to
if (filename && filename.includes('.')) {
const parts = filename.split('.');
extension = parts[parts.length - 1];
} else if (contentType && contentType.includes('/')) {
const parts = contentType.split('/');
extension = parts[parts.length - 1];
}

Environment

Node with Express
parse-server: 6.2.1
node: 16.14.0
express: 4.18.2

Server

• Parse Server version: 6.2.1
• Operating system: Windows 11 v10.0.22621 (localhost)
• Local or remote host (AWS, Azure, Google Cloud, Heroku, Digital Ocean, etc): localhost and Digital Ocean

Database

• System (MongoDB or Postgres): MongoDB
• Database version: 5.0.6
• Local or remote host (MongoDB Atlas, mLab, AWS, Azure, Google Cloud, etc): localhost and Digital Ocean

Client

• SDK (iOS, Android, JavaScript, PHP, Unity, etc): JavaScript
• SDK version: 4.1.0

Logs

(error: File upload of extension PORTRAIT is disabled. {"code":130,"stack":"Error: File upload of extension PORTRAIT is disabled.\n at createHandler (C:\Users\gregy\Dev\Syzl\api - feature-ts\node_modules\parse-server\src\Routers\FilesRouter.js:166:11)\n at Layer.handle [as handle_request] (C:\Users\gregy\Dev\Syzl\api - feature-ts\node_modules\express\lib\router\layer.js:95:5)\n at next (C:\Users\gregy\Dev\Syzl\api - feature-ts\node_modules\express\lib\router\route.js:144:13)\n at handleParseSession (C:\Users\gregy\Dev\Syzl\api - feature-ts\node_modules\parse-server\src\middlewares.js:327:5)\n at runMicrotasks ()\n at processTicksAndRejections (node:internal/process/task_queues:96:5)"})

[parse-github-assistant]

Thanks for opening this issue!

• 🚀 You can help us to fix this issue faster by opening a pull request with a failing test. See our Contribution Guide for how to make a pull request, or read our New Contributor's Guide if this is your first time contributing.

[mtrezza]

Is this a duplicate of #8753?

[JustACodeMonkey]

Is this a duplicate of #8753?

Looks like yes. Sorry, that issue didn't come up when I did the issue search. I'll close this one and will update our packages when v6.4 is out in non-alpha form.