Solved

MIME Types

Posted on 1997-09-02
3
241 Views
Last Modified: 2013-12-03
When I use the INPUT TYPE=file tage I want to use also the ACCEPT element and restrict the browser to accept only one type of fiel (for example: image/gif) But even though I restricted the browser to image/tiff, he accepted everything. Is there a solution?
0
Comment
Question by:goweb
3 Comments
 
LVL 1

Expert Comment

by:dirge
ID: 1838877
Please give an example of your HTML form code so we have a better idea of what went wrong...
0
 

Author Comment

by:goweb
ID: 1838878
here is an example of my html tags:

<FORM ENCTYPE="multipart/form-data" ACTION="/web_office/upload.pl" METHOD="POST">
File To Upload: <INPUT TYPE="file" NAME="upload-file" SIZE=35>
<INPUT TYPE="hidden" NAME="order" VALUE="1_12">

<INPUT TYPE="submit" VALUE="Attach file"></TD>
</FORM>

0
 
LVL 4

Accepted Solution

by:
jshamlin earned 50 total points
ID: 1838879
The ENCTYPE tells the CGI process what sort of data to expect so that it may porcess it correctly, but will not limit the kind of file the user may submit - I could, for example, send a GIF file encoded as plain text (or as anything else for that matter) - and so, the ENCTYPE is not a solution - it's all ones and zeroes to the gateway.

Your best solution, in this case, would be to perform error checking on the file name - more specifically, the extension.  When the user submits the form, check the filename first to make sure it has the proper extension (.gif or whatever) - stop all processing and return an error screen if it isn't.

Granted, this will not stop users from manually changing the file extension to ".gif", no matter what the input type is - and it will also be a bit troublesome to Macintosh users, whose systems don't require file extensions - but because there's no automated way to analyze the encoded file to determine its MIME type, that may be the best you can do.

Afterthought: I've never tried this, but if you can read the content of the file "on the fly", some file format information is contained within the first line or two of the file (when viewed as text) - for example, if you open a GIF with a text editor the first characters identify the type (GIF87, GIF89a, etc) and characters 6-10 of a JPEG are "JFIF" - if you can parse and evaluate that data before saving the file to the server (or whatever operation comes next), that could be a quite effective method of evaluation.
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Not sure what the best email signature size is? Are you worried about email signature image size? Follow this best practice guide.
This article explains how to prepare an HTML email signature template file containing dynamic placeholders for users' Azure AD data. Furthermore, it explains how to use this file to remotely set up a department-wide email signature policy in Office …
In this tutorial viewers will learn how to style transparent/translucent elements using alpha transparency in CSS Start with a normal styled element, such as a div.: Define its "background-color" property as "rgba (255, 255, 255, .5): The numbers in…
HTML5 has deprecated a few of the older ways of showing media as well as offering up a new way to create games and animations. Audio, video, and canvas are just a few of the adjustments made between XHTML and HTML5. As we learned in our last micr…

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question