Old and very useful functionality

[willysaurio]

In old versions of formcreator, which I currently maintain so as not to lose that functionality, it was allowed to paste images and upload files in public forms.
Since that was discontinued I have stayed on GLPI 10.0.5 with formcreator plugin 2.13.4
I do not update GLPI to new versions or the plugin for that reason.

Question/proposal: What possibility exists for formcreator to be parameterizable where the GLPI administrator selects whether he or she wants to lose security by having the possibility of using images and uploading files or prefers to have greater security and not allow it?

In our case, the majority of people who report incidents do so from public forms and it is very useful that they can paste images of errors and upload files with permitted extensions where they report the incident more clearly and quickly.

Please consider that possibility given the great usefulness that formcreator represents for us and I suppose for many others as well.
Thank you so much

PD: Maybe in glpi 11 you can consider this suggestion.

[btry]

Hi

the feature is removed because of a security issue which cannot be resolved. Then there is no plan to publish anything to allow / disallow uploads of images in public forms. This would require a patch in GLPI and this would introduce again a security breach.

I understand that this is annoying to lose this feature, but so far, there is no secure way to allow uploads in public forms. The best workaround would be to give GLPI credentials to your anonymous users.

Moreover, Formcreator reached end of life : GLPI 11 will contain native forms. As I'm working on an other project, I'm not involved in native forms development and I don't know if this limitation is solved or will be solved.