[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

MIME Types

Posted on 1997-09-02
3
Medium Priority
?
263 Views
Last Modified: 2013-12-03
When I use the INPUT TYPE=file tage I want to use also the ACCEPT element and restrict the browser to accept only one type of fiel (for example: image/gif) But even though I restricted the browser to image/tiff, he accepted everything. Is there a solution?
0
Comment
Question by:goweb
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 1

Expert Comment

by:dirge
ID: 1838877
Please give an example of your HTML form code so we have a better idea of what went wrong...
0
 

Author Comment

by:goweb
ID: 1838878
here is an example of my html tags:

<FORM ENCTYPE="multipart/form-data" ACTION="/web_office/upload.pl" METHOD="POST">
File To Upload: <INPUT TYPE="file" NAME="upload-file" SIZE=35>
<INPUT TYPE="hidden" NAME="order" VALUE="1_12">

<INPUT TYPE="submit" VALUE="Attach file"></TD>
</FORM>

0
 
LVL 4

Accepted Solution

by:
jshamlin earned 100 total points
ID: 1838879
The ENCTYPE tells the CGI process what sort of data to expect so that it may porcess it correctly, but will not limit the kind of file the user may submit - I could, for example, send a GIF file encoded as plain text (or as anything else for that matter) - and so, the ENCTYPE is not a solution - it's all ones and zeroes to the gateway.

Your best solution, in this case, would be to perform error checking on the file name - more specifically, the extension.  When the user submits the form, check the filename first to make sure it has the proper extension (.gif or whatever) - stop all processing and return an error screen if it isn't.

Granted, this will not stop users from manually changing the file extension to ".gif", no matter what the input type is - and it will also be a bit troublesome to Macintosh users, whose systems don't require file extensions - but because there's no automated way to analyze the encoded file to determine its MIME type, that may be the best you can do.

Afterthought: I've never tried this, but if you can read the content of the file "on the fly", some file format information is contained within the first line or two of the file (when viewed as text) - for example, if you open a GIF with a text editor the first characters identify the type (GIF87, GIF89a, etc) and characters 6-10 of a JPEG are "JFIF" - if you can parse and evaluate that data before saving the file to the server (or whatever operation comes next), that could be a quite effective method of evaluation.
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Is your Office 365 signature not working the way you want it to? Are signature updates taking up too much of your time? Let's run through the most common problems that an IT administrator can encounter when dealing with Office 365 email signatures.
Q&A with Course Creator, Mark Lassoff, on the importance of HTML5 in the career of a modern-day developer.
In this Micro Tutorial viewers will learn how to create navigation buttons that change on rollover, using CSS (Continuation of the CSS Image Sprite tutorial) Create a parent ID for all the list items       - Specify position: absolute and display: block…
In this tutorial viewers will learn how to embed Flash content in a webpage using HTML5. Ensure your DOCTYPE declaration is set to HTML5: "<!DOCTYPE html>": Use the <object> tag to embed Flash content.: To specify that the object is Flash content, d…

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question