Hi, I'd like to allow user to upload file to my seblod website and basically I will allow images, movies, document and archive file. Because in the upload file field allows us to choose only one file type, so I choose 'Custom' for Legal Extension option, and I entered this : doc,pdf,ppt,xls,zip,DOC,PDF,PPT,XLS,ZIP,jpg,jpeg,png,gif,bmp,JPG,JPEG,PNG,GIF,BMP,mp3,wav,mp4,avi,mov
My question is, will the upload process be secured by seblod? I mean will it just an simple extension check or also MIME check when uploading file (if I choose 'Custom' for 'Legal Extension' setting).
Thank you
Files are scanned for illegal tags like php, but as far as I can tell there is no MIME check
I see. Anyway, I'm just wondering. Isn't it better to have MIME check for uploading field? Especially when we allow users to upload files from frontend?
I agree that MIME check would add some additional security, but unfortunatelly this is not implemented.
