EvilWolf/UploadFileExtensionWhiteList.php

## UploadFileExtensionWhiteList.php
<?php

namespace App\Http\Middleware;

use Closure;
use Illuminate\Http\Request;
use Illuminate\Http\UploadedFile;
use Illuminate\Support\Str;
use Illuminate\Validation\ValidationException;

class UploadFileExtensionWhiteList
{
    /**
     * Handle an incoming request.
     *
     * @param Request $request
     * @param Closure $next
     * @return mixed
     * @throws ValidationException
     */
    public function handle(Request $request, Closure $next)
    {
        $extensionWhileList = config('app.upload_extensions_whitelist', []);

        foreach ($request->allFiles() as $file) {
            /** @var $file UploadedFile */
            $fileExtension = Str::lower($file->getClientOriginalExtension());
            if (!in_array($fileExtension, $extensionWhileList)) {
                $fileExtension = htmlspecialchars(html_entity_decode($fileExtension));
                throw ValidationException::withMessages(["File \".{$fileExtension}\" not allowed to upload"]);
            }
        }

        return $next($request);
    }
}
	<?php

	namespace App\Http\Middleware;

	use Closure;
	use Illuminate\Http\Request;
	use Illuminate\Http\UploadedFile;
	use Illuminate\Support\Str;
	use Illuminate\Validation\ValidationException;

	class UploadFileExtensionWhiteList
	{
	/**
	* Handle an incoming request.
	*
	* @param Request $request
	* @param Closure $next
	* @return mixed
	* @throws ValidationException
	*/
	public function handle(Request $request, Closure $next)
	{
	$extensionWhileList = config('app.upload_extensions_whitelist', []);

	foreach ($request->allFiles() as $file) {
	/** @var $file UploadedFile */
	$fileExtension = Str::lower($file->getClientOriginalExtension());
	if (!in_array($fileExtension, $extensionWhileList)) {
	$fileExtension = htmlspecialchars(html_entity_decode($fileExtension));
	throw ValidationException::withMessages(["File \".{$fileExtension}\" not allowed to upload"]);
	}
	}

	return $next($request);
	}
	}