We have a legacy web application which runs on Perl and Angular 1.8 and we have several forms from where files can be uploaded. We have validations in place at the form submit level, but also want to introduce a check using WAF (AWS) to allow only a few file extensions that are uploaded as an additional security precaution.
We tried following the documentation from here, but it still allows all files for upload.
We tried changing the inspect type to the other possible options and also to match for file extensions, but this blocks even webpages from loading instead of just the uploaded files. Trying to match by content-type to multipart/formdata did not made a difference either.