On the project page it says that the mimedetect module is highly recommended. Can someone provide some information on what it does and what I would be missing out on if I didn't have it.

Thanks!

Comments

quicksketch’s picture

The project page gives you a basic idea: http://drupal.org/project/mimedetect

But in short, it makes it harder for users to upload files that don't match their extension. For example, a malicious user might upload a PHP file that is renamed to script.jpg. Mimedetect actually opens the file, checks to make sure that it's a JPG before its accepted (note that Drupal provides additional protection against uploaded PHP scripts from being executed). It's also handy to just prevent accidents, like a PNG file that accidentally was saved with the extension .jpg.

quicksketch’s picture

Project: FileField » MimeDetect
Version: 6.x-3.0-rc1 » 6.x-1.x-dev

This question should have been asked in the MimeDetect queue. I'll leave it to drewish if he thinks a more extensive description is necessary for the project page.

Flying Drupalist’s picture

Thanks a lot, :) Now it makes sense to me.

drewish’s picture

Status: Active » Fixed

from the project page (which it sounds like you've already read):

MimeDetect provides an API for consistent server side mime detection using the PHP FileInfo extension, the UNIX 'file' command, user supplied mime data, or file extension lookups. It is distributed with it's own magic library for use with the PHP FileInfo extension to make mime detection more consistent in different environments.

Status: Fixed » Closed (fixed)

Automatically closed -- issue fixed for 2 weeks with no activity.