Add 9 dangerous extensions and ignore trailing dot

ts/test/util/isFileDangerous_test.ts

@@ -18,6 +18,20 @@ describe('isFileDangerous', () => {
     assert.strictEqual(isFileDangerous('install.pif'), true);
   });
 
+  it('returns true for Microsoft settings files', () => {
+    assert.strictEqual(isFileDangerous('downl.SettingContent-ms'), true);
+  });
+
+  it('returns false for non-dangerous files that end in ".", which can happen on Windows', () => {
+    assert.strictEqual(isFileDangerous('dog.png.'), false);
+    assert.strictEqual(isFileDangerous('resume.docx.'), false);
+  });
+
+  it('returns true for dangerous files that end in ".", which can happen on Windows', () => {
+    assert.strictEqual(isFileDangerous('run.exe.'), true);
+    assert.strictEqual(isFileDangerous('install.pif.'), true);
+  });
+
   it('returns false for empty filename', () => {
     assert.strictEqual(isFileDangerous(''), false);
   });

ts/util/isFileDangerous.ts

@@ -1,5 +1,5 @@
 // tslint:disable-next-line max-line-length
-const DANGEROUS_FILE_TYPES = /\.(ADE|ADP|APK|BAT|CHM|CMD|COM|CPL|DLL|DMG|EXE|HTA|INS|ISP|JAR|JS|JSE|LIB|LNK|MDE|MSC|MSI|MSP|MST|NSH|PIF|SCR|SCT|SHB|SYS|VB|VBE|VBS|VXD|WSC|WSF|WSH|CAB)$/i;
+const DANGEROUS_FILE_TYPES = /\.(ADE|ADP|APK|BAT|CAB|CHM|CMD|COM|CPL|DIAGCAB|DLL|DMG|EXE|HTA|INF|INS|ISP|JAR|JS|JSE|LIB|LNK|MDE|MHT|MSC|MSI|MSP|MST|NSH|PIF|PS1|PSC1|PSM1|PSRC|REG|SCR|SCT|SETTINGCONTENT-MS|SHB|SYS|VB|VBE|VBS|VXD|WSC|WSF|WSH)\.?$/i;
 
 export function isFileDangerous(fileName: string): boolean {
   return DANGEROUS_FILE_TYPES.test(fileName);