As someone who started their career in QA and volunteered with IT support for non-technical organizations, this is one of the first test cases I would have thought to try.
Never trust user input!
Frontend validation can never be trusted. It’s only good for giving faster feedback for a nicer user experience. You should always have backend validation.
I’ve seen people do some weird stuff before because the majority of users don’t really understand much about file types. Users rename file extension all of the time thinking it’ll magically convert a file into something that can be opened by their program of choice.
Never trust user input!
Frontend validation can never be trusted. It’s only good for giving faster feedback for a nicer user experience. You should always have backend validation.
I’ve seen people do some weird stuff before because the majority of users don’t really understand much about file types. Users rename file extension all of the time thinking it’ll magically convert a file into something that can be opened by their program of choice.
This is just poor QA by the College Board.