api: ignore invalid base64 data when receiving file fields (#88248)

tests/test_fields.py

@@ -915,6 +915,17 @@ def test_file_convert_from_anything():
     assert value.get_file_pointer().read() == b'hello'
 
 
+def test_file_from_json_value(pub):
+    value = fields.FileField().from_json_value({'content': 'aGVsbG8=', 'filename': 'test.txt'})
+    assert value.base_filename == 'test.txt'
+    assert value.get_file_pointer().read() == b'hello'
+
+    value = fields.FileField().from_json_value(
+        {'content': 'aGVsbG8', 'filename': 'test.txt'}  # invalid padding
+    )
+    assert value is None
+
+
 def test_new_field_type_options(pub):
     pub.load_site_options()
     if not pub.site_options.has_section('options'):

wcs/fields/file.py

@@ -237,7 +237,10 @@ class FileField(WidgetField):
 
     def from_json_value(self, value):
         if value and 'filename' in value and 'content' in value:
-            content = base64.b64decode(value['content'])
+            try:
+                content = base64.b64decode(value['content'])
+            except ValueError:
+                return None
             content_type = value.get('content_type', 'application/octet-stream')
             if content_type.startswith('text/'):
                 charset = 'utf-8'