?
Solved

MIME Types

Posted on 1997-09-02
3
Medium Priority
?
257 Views
Last Modified: 2013-12-03
When I use the INPUT TYPE=file tage I want to use also the ACCEPT element and restrict the browser to accept only one type of fiel (for example: image/gif) But even though I restricted the browser to image/tiff, he accepted everything. Is there a solution?
0
Comment
Question by:goweb
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 1

Expert Comment

by:dirge
ID: 1838877
Please give an example of your HTML form code so we have a better idea of what went wrong...
0
 

Author Comment

by:goweb
ID: 1838878
here is an example of my html tags:

<FORM ENCTYPE="multipart/form-data" ACTION="/web_office/upload.pl" METHOD="POST">
File To Upload: <INPUT TYPE="file" NAME="upload-file" SIZE=35>
<INPUT TYPE="hidden" NAME="order" VALUE="1_12">

<INPUT TYPE="submit" VALUE="Attach file"></TD>
</FORM>

0
 
LVL 4

Accepted Solution

by:
jshamlin earned 100 total points
ID: 1838879
The ENCTYPE tells the CGI process what sort of data to expect so that it may porcess it correctly, but will not limit the kind of file the user may submit - I could, for example, send a GIF file encoded as plain text (or as anything else for that matter) - and so, the ENCTYPE is not a solution - it's all ones and zeroes to the gateway.

Your best solution, in this case, would be to perform error checking on the file name - more specifically, the extension.  When the user submits the form, check the filename first to make sure it has the proper extension (.gif or whatever) - stop all processing and return an error screen if it isn't.

Granted, this will not stop users from manually changing the file extension to ".gif", no matter what the input type is - and it will also be a bit troublesome to Macintosh users, whose systems don't require file extensions - but because there's no automated way to analyze the encoded file to determine its MIME type, that may be the best you can do.

Afterthought: I've never tried this, but if you can read the content of the file "on the fly", some file format information is contained within the first line or two of the file (when viewed as text) - for example, if you open a GIF with a text editor the first characters identify the type (GIF87, GIF89a, etc) and characters 6-10 of a JPEG are "JFIF" - if you can parse and evaluate that data before saving the file to the server (or whatever operation comes next), that could be a quite effective method of evaluation.
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Find out what you should include to make the best professional email signature for your organization.
When crafting your “Why Us” page, there are a plethora of pitfalls to avoid. Follow these five tips, and you’ll be well on your way to creating an effective page.
HTML5 has deprecated a few of the older ways of showing media as well as offering up a new way to create games and animations. Audio, video, and canvas are just a few of the adjustments made between XHTML and HTML5. As we learned in our last micr…
The viewer will learn the basics of jQuery including how to code hide show and toggles. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery…
Suggested Courses

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question