Detect attachment scam regardless of case (jpg vs JPG)

[Zabuzard]

We recently had a case in PROD where someone posted attachment-based scam that went undetected.

The message looked like this:

The reason was that our code compared file extensions case-sensitive. For example only attachments like 1.jpg are detected as image (and hence contribute to the scam check). Attachments like 1.JPG bypassed it.

Simple fix. Also added a unit test.

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud