Implementing file attachments for web messaging guests using the genesys-cloud-web-messaging-sdk. The UI allows the customer to select files, but I need to enforce strict MIME type and size limits before the actual upload hits the CXone API.
The SDK doesn’t seem to expose a pre-upload validation hook for sendFileMessage. Right now, if a user uploads a .exe or a 50MB video, the request goes through and fails downstream with a 413 or a policy violation error.
Here’s the current flow:
const file = event.target.files[0];
const maxSize = 10 * 1024 * 1024; // 10MB
const allowedTypes = ['image/png', 'image/jpeg', 'application/pdf'];
if (file.size > maxSize || !allowedTypes.includes(file.type)) {
// Handle client-side error
return;
}
// Send to CXone
messagingService.sendFileMessage({
file: file,
conversationId: currentConversationId
});
The issue is file.type can be spoofed or empty in some browsers. The CXone API rejects the file after the SDK has already initiated the transfer. I see the REST endpoint for uploading is something like /api/v2/conversations/messages/{conversationId}/fileUpload but the SDK handles the multipart form data internally.
Is there a way to intercept the payload in the SDK before it sends? Or should I be making a separate POST to a validation endpoint first? The docs for the Guest API are sparse on this specific error handling. I don’t want to waste bandwidth on invalid files.