Check User Mimetype in file upload
thePanz - September 10, 2007 - 14:05
| Project: | Drupal |
| Version: | 7.x-dev |
| Component: | file system |
| Category: | feature request |
| Priority: | normal |
| Assigned: | Unassigned |
| Status: | duplicate |
Description
Hi, I was testing the upload feature of Drupal, when I noticed that using Firefox (2.0.0.6) all .pdf files was uploaded with "application/download" mimetype, when using Opera (9.23) all uploads went ok. I checked also the files DB table and in the filemime column for file uploaded with Firefox is stored "application/download".
Maybe would be great if Drupal don't always trust the user mimetype and (if possible) do a secondary test for the uploaded file mimetype using (if enabled) PHP mime_content_type() or another equivalent function. Some info here
Regards
-thePanz-
#1
Is there also a Bug report for Firefox that sends wrong MIME type for .pdf files here: https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/84880
#2
I created a Patch for Drupal 5.2, needs work to get PECL FileInfo more stable with Lnux and Windows systems
#3
Patch for Drupal6-HEAD
#4
the patch needs work. it doesn't follow the Drupal coding standards
#5
I try to follow Drupal-conding standards, maybe I missed something, sorry..
I know that's not the cleanest way to accomplish mime-detecting, and I'd like to hear others suggestions..
Regards
#6
I just made a re-roll of this as well as fixing some style issues. However,
cvs diffwon't work until #261454: CVS pserver down? is fixed, so... :/#7
Here's the re-roll with various style fixes. Not tested.
#8
hi
http://drupal.org/node/43220
was committed and closed and the comments clearly said .. mime checking was only removed until something better came along
well here it is
i will i give this approach a try
there is also http://drupal.org/project/mimedetect
that may have useful code in there for a patch to detect mime types
#9
this was addressed in the last security release [#295053]